Solved

Getting User ID/Name for processes

Posted on 1997-10-15
4
1,409 Views
Last Modified: 2013-12-03
Hey,

I need to be able to get the user id/name of a process.
Once I have the PID I attempt to do the following:

OpenProcess()                  - using the pid
GetUserObjectSecurity()            - using the resulting handle
GetSecurityDescriptorOwner()      - using the found security Descriptor
LookupAccountSid()      - to find the Account Name for the found SID

My problem is that LookupAccountSid() always returns with a value of
1332 - ERROR_NONE_MAPPED (No mapping between account names and
security IDs was done)

Can someone tell me what I've done wrong? Is there an easier way to do
want I want than the above? The actual code follows - be warned that I
haven't bothered neatening it up to much - I'm just playing atm.

dwpid has been defined and set elsewhere in the code.

any help is appreciated

---- start code ----

   HANDLE hProcess;
   SECURITY_INFORMATION SecurityInfo = OWNER_SECURITY_INFORMATION;
   SECURITY_DESCRIPTOR SecurityDesc;
   SID_NAME_USE Use = SidTypeUser;
   PSID  pSid;
   LPTSTR wsAccountName;
   LPTSTR wsDomainName;
   DWORD dwSecurityDescLength = BUFSIZ;
   DWORD dwAccountLen = BUFSIZ;
   DWORD dwDomainLen = BUFSIZ;
   BOOL  bOwnerDefaulted;
   char sAccountName[30];
   char sDomainName[30];
   int rc;

   if ((hProcess = OpenProcess(PROCESS_ALL_ACCESS,
                          FALSE,
                          (DWORD)dwpid)) == NULL)
      rc = GetLastError();
   if (GetUserObjectSecurity(hProcess,
                             &SecurityInfo,
                             &SecurityDesc,
                             dwSecurityDescLength,
                             &dwSecurityDescLength))
   {
      if (GetSecurityDescriptorOwner(&SecurityDesc,
                                     &pSid,
                                     &bOwnerDefaulted))
      {
         wsAccountName = (LPTSTR) malloc (dwAccountLen);
         wsDomainName = (LPTSTR) malloc (dwDomainLen);
         if (LookupAccountSid(NULL,
                              pSid,
                              wsAccountName,
                              &dwAccountLen,
                              wsDomainName,
                              &dwDomainLen,
                              &Use))
         {
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsAccountName,
                                dwAccountLen,
                                sAccountName,
                                sizeof(sAccountName),
                                NULL,
                                NULL);
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsDomainName,
                                dwDomainLen,
                                sDomainName,
                                sizeof(sDomainName),
                                NULL,
                                NULL);
         }
         else
            rc = GetLastError();
      }
      else
         rc = GetLastError();
   }
   else
      rc = GetLastError();

---- end code ----
0
Comment
Question by:acmy
  • 2
  • 2
4 Comments
 
LVL 1

Accepted Solution

by:
Daniel_E earned 100 total points
ID: 1407593
I've used the following piece of code several times when
I want to get user and domain information:

---[snip]---
DWORD dwUserNameOnlyLength = 1000;
char lpszUserNameOnly[1000];

DWORD dwDomainLength = 1000;
char lpszDomain[1000];

SID_NAME_USE snu;
UCHAR   InfoBuffer[1000];
PTOKEN_USER pTokenUser = (PTOKEN_USER)InfoBuffer;
DWORD   dwInfoBufferSize, dwAccountSize = 200, dwDomainSize = 128;
HANDLE  hProcess, hAccessToken;
hProcess = GetCurrentProcess();
OpenProcessToken(hProcess, TOKEN_READ, &hAccessToken);
GetTokenInformation(hAccessToken, TokenUser, InfoBuffer, 1000, &dwInfoBufferSize);
LookupAccountSid(NULL, pTokenUser->User.Sid, lpszUserNameOnly, &dwUserNameOnlyLength, lpszDomain, &dwDomainLength, &snu);

---[snip]---

Hope it helps!

0
 

Author Comment

by:acmy
ID: 1407594
Thanks Daniel that did help - once I'd modified it to handle unicode and used OpenProcess() instead of GetCurrentProcess() it worked.

However, I'm still not clear on why it did not work the way I tried it. Was I simply using the wrong API's to get process info?

Thanks again
0
 
LVL 1

Expert Comment

by:Daniel_E
ID: 1407595
It didn't work with GetCurrentProcess()? Hmm...
I don't know much about these APIs, so I can't tell you what you
did wrong. Why don't you single-step through both codes and
compare results, that would probably give you a good idea on
what you missed.
0
 

Author Comment

by:acmy
ID: 1407596
GetCurrentProcess probably would've worked. It's just not what I wanted. I'm looping through currently running processes and attempting to find out who they are owned. GetCurrentProcess would've only worked for my process
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Duplicates in Aggregate Query 3 33
how to have excel show file name on the title bar 4 42
Windows Installer 4 69
Visual Studio Debugging 3 121
This article describes how to programmatically preset the "Pages per Sheet" option that's available with most printer drivers.   This setting lets you do "n-Up" printing, where two, four, or more pages are printed on each sheet of paper. If your …
Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now