Getting User ID/Name for processes

Hey,

I need to be able to get the user id/name of a process.
Once I have the PID I attempt to do the following:

OpenProcess()                  - using the pid
GetUserObjectSecurity()            - using the resulting handle
GetSecurityDescriptorOwner()      - using the found security Descriptor
LookupAccountSid()      - to find the Account Name for the found SID

My problem is that LookupAccountSid() always returns with a value of
1332 - ERROR_NONE_MAPPED (No mapping between account names and
security IDs was done)

Can someone tell me what I've done wrong? Is there an easier way to do
want I want than the above? The actual code follows - be warned that I
haven't bothered neatening it up to much - I'm just playing atm.

dwpid has been defined and set elsewhere in the code.

any help is appreciated

---- start code ----

   HANDLE hProcess;
   SECURITY_INFORMATION SecurityInfo = OWNER_SECURITY_INFORMATION;
   SECURITY_DESCRIPTOR SecurityDesc;
   SID_NAME_USE Use = SidTypeUser;
   PSID  pSid;
   LPTSTR wsAccountName;
   LPTSTR wsDomainName;
   DWORD dwSecurityDescLength = BUFSIZ;
   DWORD dwAccountLen = BUFSIZ;
   DWORD dwDomainLen = BUFSIZ;
   BOOL  bOwnerDefaulted;
   char sAccountName[30];
   char sDomainName[30];
   int rc;

   if ((hProcess = OpenProcess(PROCESS_ALL_ACCESS,
                          FALSE,
                          (DWORD)dwpid)) == NULL)
      rc = GetLastError();
   if (GetUserObjectSecurity(hProcess,
                             &SecurityInfo,
                             &SecurityDesc,
                             dwSecurityDescLength,
                             &dwSecurityDescLength))
   {
      if (GetSecurityDescriptorOwner(&SecurityDesc,
                                     &pSid,
                                     &bOwnerDefaulted))
      {
         wsAccountName = (LPTSTR) malloc (dwAccountLen);
         wsDomainName = (LPTSTR) malloc (dwDomainLen);
         if (LookupAccountSid(NULL,
                              pSid,
                              wsAccountName,
                              &dwAccountLen,
                              wsDomainName,
                              &dwDomainLen,
                              &Use))
         {
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsAccountName,
                                dwAccountLen,
                                sAccountName,
                                sizeof(sAccountName),
                                NULL,
                                NULL);
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsDomainName,
                                dwDomainLen,
                                sDomainName,
                                sizeof(sDomainName),
                                NULL,
                                NULL);
         }
         else
            rc = GetLastError();
      }
      else
         rc = GetLastError();
   }
   else
      rc = GetLastError();

---- end code ----
acmyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Daniel_ECommented:
I've used the following piece of code several times when
I want to get user and domain information:

---[snip]---
DWORD dwUserNameOnlyLength = 1000;
char lpszUserNameOnly[1000];

DWORD dwDomainLength = 1000;
char lpszDomain[1000];

SID_NAME_USE snu;
UCHAR   InfoBuffer[1000];
PTOKEN_USER pTokenUser = (PTOKEN_USER)InfoBuffer;
DWORD   dwInfoBufferSize, dwAccountSize = 200, dwDomainSize = 128;
HANDLE  hProcess, hAccessToken;
hProcess = GetCurrentProcess();
OpenProcessToken(hProcess, TOKEN_READ, &hAccessToken);
GetTokenInformation(hAccessToken, TokenUser, InfoBuffer, 1000, &dwInfoBufferSize);
LookupAccountSid(NULL, pTokenUser->User.Sid, lpszUserNameOnly, &dwUserNameOnlyLength, lpszDomain, &dwDomainLength, &snu);

---[snip]---

Hope it helps!

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
acmyAuthor Commented:
Thanks Daniel that did help - once I'd modified it to handle unicode and used OpenProcess() instead of GetCurrentProcess() it worked.

However, I'm still not clear on why it did not work the way I tried it. Was I simply using the wrong API's to get process info?

Thanks again
0
Daniel_ECommented:
It didn't work with GetCurrentProcess()? Hmm...
I don't know much about these APIs, so I can't tell you what you
did wrong. Why don't you single-step through both codes and
compare results, that would probably give you a good idea on
what you missed.
0
acmyAuthor Commented:
GetCurrentProcess probably would've worked. It's just not what I wanted. I'm looping through currently running processes and attempting to find out who they are owned. GetCurrentProcess would've only worked for my process
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Development

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.