Solved

Getting User ID/Name for processes

Posted on 1997-10-15
4
1,418 Views
Last Modified: 2013-12-03
Hey,

I need to be able to get the user id/name of a process.
Once I have the PID I attempt to do the following:

OpenProcess()                  - using the pid
GetUserObjectSecurity()            - using the resulting handle
GetSecurityDescriptorOwner()      - using the found security Descriptor
LookupAccountSid()      - to find the Account Name for the found SID

My problem is that LookupAccountSid() always returns with a value of
1332 - ERROR_NONE_MAPPED (No mapping between account names and
security IDs was done)

Can someone tell me what I've done wrong? Is there an easier way to do
want I want than the above? The actual code follows - be warned that I
haven't bothered neatening it up to much - I'm just playing atm.

dwpid has been defined and set elsewhere in the code.

any help is appreciated

---- start code ----

   HANDLE hProcess;
   SECURITY_INFORMATION SecurityInfo = OWNER_SECURITY_INFORMATION;
   SECURITY_DESCRIPTOR SecurityDesc;
   SID_NAME_USE Use = SidTypeUser;
   PSID  pSid;
   LPTSTR wsAccountName;
   LPTSTR wsDomainName;
   DWORD dwSecurityDescLength = BUFSIZ;
   DWORD dwAccountLen = BUFSIZ;
   DWORD dwDomainLen = BUFSIZ;
   BOOL  bOwnerDefaulted;
   char sAccountName[30];
   char sDomainName[30];
   int rc;

   if ((hProcess = OpenProcess(PROCESS_ALL_ACCESS,
                          FALSE,
                          (DWORD)dwpid)) == NULL)
      rc = GetLastError();
   if (GetUserObjectSecurity(hProcess,
                             &SecurityInfo,
                             &SecurityDesc,
                             dwSecurityDescLength,
                             &dwSecurityDescLength))
   {
      if (GetSecurityDescriptorOwner(&SecurityDesc,
                                     &pSid,
                                     &bOwnerDefaulted))
      {
         wsAccountName = (LPTSTR) malloc (dwAccountLen);
         wsDomainName = (LPTSTR) malloc (dwDomainLen);
         if (LookupAccountSid(NULL,
                              pSid,
                              wsAccountName,
                              &dwAccountLen,
                              wsDomainName,
                              &dwDomainLen,
                              &Use))
         {
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsAccountName,
                                dwAccountLen,
                                sAccountName,
                                sizeof(sAccountName),
                                NULL,
                                NULL);
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsDomainName,
                                dwDomainLen,
                                sDomainName,
                                sizeof(sDomainName),
                                NULL,
                                NULL);
         }
         else
            rc = GetLastError();
      }
      else
         rc = GetLastError();
   }
   else
      rc = GetLastError();

---- end code ----
0
Comment
Question by:acmy
  • 2
  • 2
4 Comments
 
LVL 1

Accepted Solution

by:
Daniel_E earned 100 total points
ID: 1407593
I've used the following piece of code several times when
I want to get user and domain information:

---[snip]---
DWORD dwUserNameOnlyLength = 1000;
char lpszUserNameOnly[1000];

DWORD dwDomainLength = 1000;
char lpszDomain[1000];

SID_NAME_USE snu;
UCHAR   InfoBuffer[1000];
PTOKEN_USER pTokenUser = (PTOKEN_USER)InfoBuffer;
DWORD   dwInfoBufferSize, dwAccountSize = 200, dwDomainSize = 128;
HANDLE  hProcess, hAccessToken;
hProcess = GetCurrentProcess();
OpenProcessToken(hProcess, TOKEN_READ, &hAccessToken);
GetTokenInformation(hAccessToken, TokenUser, InfoBuffer, 1000, &dwInfoBufferSize);
LookupAccountSid(NULL, pTokenUser->User.Sid, lpszUserNameOnly, &dwUserNameOnlyLength, lpszDomain, &dwDomainLength, &snu);

---[snip]---

Hope it helps!

0
 

Author Comment

by:acmy
ID: 1407594
Thanks Daniel that did help - once I'd modified it to handle unicode and used OpenProcess() instead of GetCurrentProcess() it worked.

However, I'm still not clear on why it did not work the way I tried it. Was I simply using the wrong API's to get process info?

Thanks again
0
 
LVL 1

Expert Comment

by:Daniel_E
ID: 1407595
It didn't work with GetCurrentProcess()? Hmm...
I don't know much about these APIs, so I can't tell you what you
did wrong. Why don't you single-step through both codes and
compare results, that would probably give you a good idea on
what you missed.
0
 

Author Comment

by:acmy
ID: 1407596
GetCurrentProcess probably would've worked. It's just not what I wanted. I'm looping through currently running processes and attempting to find out who they are owned. GetCurrentProcess would've only worked for my process
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Having Trouble with MS Access 2010 CommandBars 19 110
Need to create an object factory 2 49
What is MicroStrategy.NET? 2 83
Please explain purpose of GZIP 4 60
This article shows a few slightly more advanced techniques for Windows 7 gadget programming, including how to save and restore user settings for your gadget and how to populate the "details" panel that is displayed in the Windows 7 gadget gallery.  …
zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question