Solved

Getting User ID/Name for processes

Posted on 1997-10-15
4
1,405 Views
Last Modified: 2013-12-03
Hey,

I need to be able to get the user id/name of a process.
Once I have the PID I attempt to do the following:

OpenProcess()                  - using the pid
GetUserObjectSecurity()            - using the resulting handle
GetSecurityDescriptorOwner()      - using the found security Descriptor
LookupAccountSid()      - to find the Account Name for the found SID

My problem is that LookupAccountSid() always returns with a value of
1332 - ERROR_NONE_MAPPED (No mapping between account names and
security IDs was done)

Can someone tell me what I've done wrong? Is there an easier way to do
want I want than the above? The actual code follows - be warned that I
haven't bothered neatening it up to much - I'm just playing atm.

dwpid has been defined and set elsewhere in the code.

any help is appreciated

---- start code ----

   HANDLE hProcess;
   SECURITY_INFORMATION SecurityInfo = OWNER_SECURITY_INFORMATION;
   SECURITY_DESCRIPTOR SecurityDesc;
   SID_NAME_USE Use = SidTypeUser;
   PSID  pSid;
   LPTSTR wsAccountName;
   LPTSTR wsDomainName;
   DWORD dwSecurityDescLength = BUFSIZ;
   DWORD dwAccountLen = BUFSIZ;
   DWORD dwDomainLen = BUFSIZ;
   BOOL  bOwnerDefaulted;
   char sAccountName[30];
   char sDomainName[30];
   int rc;

   if ((hProcess = OpenProcess(PROCESS_ALL_ACCESS,
                          FALSE,
                          (DWORD)dwpid)) == NULL)
      rc = GetLastError();
   if (GetUserObjectSecurity(hProcess,
                             &SecurityInfo,
                             &SecurityDesc,
                             dwSecurityDescLength,
                             &dwSecurityDescLength))
   {
      if (GetSecurityDescriptorOwner(&SecurityDesc,
                                     &pSid,
                                     &bOwnerDefaulted))
      {
         wsAccountName = (LPTSTR) malloc (dwAccountLen);
         wsDomainName = (LPTSTR) malloc (dwDomainLen);
         if (LookupAccountSid(NULL,
                              pSid,
                              wsAccountName,
                              &dwAccountLen,
                              wsDomainName,
                              &dwDomainLen,
                              &Use))
         {
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsAccountName,
                                dwAccountLen,
                                sAccountName,
                                sizeof(sAccountName),
                                NULL,
                                NULL);
            WideCharToMultiByte(CP_ACP,
                                NULL,
                                wsDomainName,
                                dwDomainLen,
                                sDomainName,
                                sizeof(sDomainName),
                                NULL,
                                NULL);
         }
         else
            rc = GetLastError();
      }
      else
         rc = GetLastError();
   }
   else
      rc = GetLastError();

---- end code ----
0
Comment
Question by:acmy
  • 2
  • 2
4 Comments
 
LVL 1

Accepted Solution

by:
Daniel_E earned 100 total points
ID: 1407593
I've used the following piece of code several times when
I want to get user and domain information:

---[snip]---
DWORD dwUserNameOnlyLength = 1000;
char lpszUserNameOnly[1000];

DWORD dwDomainLength = 1000;
char lpszDomain[1000];

SID_NAME_USE snu;
UCHAR   InfoBuffer[1000];
PTOKEN_USER pTokenUser = (PTOKEN_USER)InfoBuffer;
DWORD   dwInfoBufferSize, dwAccountSize = 200, dwDomainSize = 128;
HANDLE  hProcess, hAccessToken;
hProcess = GetCurrentProcess();
OpenProcessToken(hProcess, TOKEN_READ, &hAccessToken);
GetTokenInformation(hAccessToken, TokenUser, InfoBuffer, 1000, &dwInfoBufferSize);
LookupAccountSid(NULL, pTokenUser->User.Sid, lpszUserNameOnly, &dwUserNameOnlyLength, lpszDomain, &dwDomainLength, &snu);

---[snip]---

Hope it helps!

0
 

Author Comment

by:acmy
ID: 1407594
Thanks Daniel that did help - once I'd modified it to handle unicode and used OpenProcess() instead of GetCurrentProcess() it worked.

However, I'm still not clear on why it did not work the way I tried it. Was I simply using the wrong API's to get process info?

Thanks again
0
 
LVL 1

Expert Comment

by:Daniel_E
ID: 1407595
It didn't work with GetCurrentProcess()? Hmm...
I don't know much about these APIs, so I can't tell you what you
did wrong. Why don't you single-step through both codes and
compare results, that would probably give you a good idea on
what you missed.
0
 

Author Comment

by:acmy
ID: 1407596
GetCurrentProcess probably would've worked. It's just not what I wanted. I'm looping through currently running processes and attempting to find out who they are owned. GetCurrentProcess would've only worked for my process
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

zlib is a free compression library (a DLL) on which the popular gzip utility is built.  In this article, we'll see how to use the zlib functions to compress and decompress data in memory; that is, without needing to use a temporary file.  We'll be c…
This article surveys and compares options for encoding and decoding base64 data.  It includes source code in C++ as well as examples of how to use standard Windows API functions for these tasks. We'll look at the algorithms — how encoding and decodi…
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now