HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, 0, THE_PROCESS_ID);
進程句柄我怎樣才能在運行過程中,用戶的用戶名?
我正在使用非託管代碼(無.NET)。
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, 0, THE_PROCESS_ID);
進程句柄我怎樣才能在運行過程中,用戶的用戶名?
我正在使用非託管代碼(無.NET)。
使用OpenProcessToken得到令牌(明顯),然後GetTokenInformation與TokenOwner
標誌獲得所有者的SID。然後您可以使用LookupAccountSid獲取用戶名。
WMI可能是阻力最小的路徑。您還應該能夠使用OpenProcessToken獲取令牌,然後使用GetTokenInformation獲取擁有者的SID。然後,您可以將SID轉換爲用戶名。
如果WMI是不是一種選擇,然後使用GetUserFromProcess低於需要的進程ID作爲輸入參數並且返回用戶名和域:
#include <comdef.h>
#define MAX_NAME 256
BOOL GetLogonFromToken (HANDLE hToken, _bstr_t& strUser, _bstr_t& strdomain)
{
DWORD dwSize = MAX_NAME;
BOOL bSuccess = FALSE;
DWORD dwLength = 0;
strUser = "";
strdomain = "";
PTOKEN_USER ptu = NULL;
//Verify the parameter passed in is not NULL.
if (NULL == hToken)
goto Cleanup;
if (!GetTokenInformation(
hToken, // handle to the access token
TokenUser, // get information about the token's groups
(LPVOID) ptu, // pointer to PTOKEN_USER buffer
0, // size of buffer
&dwLength // receives required buffer size
))
{
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER)
goto Cleanup;
ptu = (PTOKEN_USER)HeapAlloc(GetProcessHeap(),
HEAP_ZERO_MEMORY, dwLength);
if (ptu == NULL)
goto Cleanup;
}
if (!GetTokenInformation(
hToken, // handle to the access token
TokenUser, // get information about the token's groups
(LPVOID) ptu, // pointer to PTOKEN_USER buffer
dwLength, // size of buffer
&dwLength // receives required buffer size
))
{
goto Cleanup;
}
SID_NAME_USE SidType;
char lpName[MAX_NAME];
char lpDomain[MAX_NAME];
if(!LookupAccountSid(NULL , ptu->User.Sid, lpName, &dwSize, lpDomain, &dwSize, &SidType))
{
DWORD dwResult = GetLastError();
if(dwResult == ERROR_NONE_MAPPED)
strcpy (lpName, "NONE_MAPPED");
else
{
printf("LookupAccountSid Error %u\n", GetLastError());
}
}
else
{
printf("Current user is %s\\%s\n",
lpDomain, lpName);
strUser = lpName;
strdomain = lpDomain;
bSuccess = TRUE;
}
Cleanup:
if (ptu != NULL)
HeapFree(GetProcessHeap(), 0, (LPVOID)ptu);
return bSuccess;
}
HRESULT GetUserFromProcess(const DWORD procId, _bstr_t& strUser, _bstr_t& strdomain)
{
HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,procId);
if(hProcess == NULL)
return E_FAIL;
HANDLE hToken = NULL;
if(!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
{
CloseHandle(hProcess);
return E_FAIL;
}
BOOL bres = GetLogonFromToken (hToken, strUser, strdomain);
CloseHandle(hToken);
CloseHandle(hProcess);
return bres?S_OK:E_FAIL;
}
ntdll.dll中
工作很好。我不得不使用TokenUser來獲取用戶名。 TokenOwner正在返回組名稱(管理員)。 – modernzombie 2010-04-22 13:21:05