Solved

Get current user from system account 2

Posted on 2001-07-05
9
360 Views
Last Modified: 2010-09-16
Okay,

This question is related to a previous one: How can I get the current interactive logon user from a service running under the system account?

The answer provided by Epsilon was really good, although the circumstances have now changed.

- The Current user is NOT running explorer as shell. Instead, it's running a custom application, which may change for different users.

- The applications to be run as shell, have different class names and window names. The only common thing is the user that's logged on interactively (always same user).

- The Current user may or may NOT be running a shell (the custom application running as a shell may have crashed, hung or exit prematurely)

The service is running under the sytem account and have interact with desktop rights.

I tried looking for winsta0\default, but although it works fine on some computers running 2000 SP2, it fails on those running Win2K Sp1 (always return SYSTEM as user)

Because there's no specific application to look for, I've found no way fo getting ahold a windows handle to identify the owner.

The thing is that the service is kind of a watchdog service that is monitoring the application running as a shell for specific user. The computer autologons this user all the time.

If the application stop responding of exits prematurely, the service must logoff that user (and only that user!)inmediatelly, to cleanup the user environment and reload the application (by logging on the user again via autologon)

Any clues?

Luis
0
Comment
Question by:elkavayo
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 13

Expert Comment

by:Epsylon
ID: 6258621
Are you running an own shell?

Just an idea. When a user logs in, write the handle to the registry. The service can read it back and use it to get the current user.
0
 
LVL 20

Expert Comment

by:Madshi
ID: 6258681
Why not using EnumDesktops and EnumDesktopWindows for each desktop? This way you should get all desktops and all windows of all programs that are running. From the windows you can get the processID (GetWindowThreadProcessID), then I think Epsylon's code should give you the user for each process.

Regards, Madshi.
0
 
LVL 13

Expert Comment

by:Epsylon
ID: 6258702
If EnumDesktopWindows works, then GetDesktopWindows will work to, I guess.
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:elkavayo
ID: 6259923
first answer to Epsylon. Yes, we are running custom shells. The problem with writing to the registry is that SYSTEM account doesn't have access to HKEY_CURRENT_USER for the logged on user, and the logged on user is an unpriviledge account that doesn't have write access to HKEY_LOCAL_MACHINE. The other thing is: what happens if the application crashes? the handle is still there, but it's invalid, and it's not useful for logging the current user off.

What would GetDesktopwindows help? AFAIK, the windowstation associated with the console is always 'winsta0' and the application desktop is always 'default'. Well, I got a handle to the winsta0\default, and still doesn't work. When the app crashes, there's no other windows open on the desktop.

I have written the following based on Epsylon's code:

function TAATestSvc.Username(var h: HWND): string;
var
  winstaCurrent: HWND;
  dwProcessId: DWORD;
  hProcess, hToken: THandle;
  a: array[0..255] of Char;
  s: Cardinal;
begin                                      
  try
    winstaCurrent := GetProcessWindowStation();
    if winstaCurrent <> 0 then
    begin
      h := winstaCurrent;
      GetWindowThreadProcessId(winstaCurrent, @dwProcessId);
      hProcess := OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
      OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, hToken);
      ImpersonateLoggedOnUser(hToken);
      s := sizeof(a);
      GetUserName(a, s);
      Result := a;
      RevertToSelf;
      CloseHandle(hToken);
      CloseHandle(hProcess);
    end
    else
      result := '';
  except
  end;
end;

It works fine on Win2K Pro with SP2.WinstaCurrent is always 52 (regardless the user or session)
and I can reliably obtain the logon user. When no one is logged on, it returns SYSTEM.

The problem is that on Win2K SP1, it always returns SYSTEM. and I'm not sure which one is right. Is it a bug in SP1 corrected in SP2? Is it that SP2 implemented something that may change in SP3 or XP?

If the SP2 behavior is fine, then I'm set, but I'm not sure I should trust it.
0
 
LVL 13

Expert Comment

by:Epsylon
ID: 6259957
Are you are this is a sp1/sp2 issue and not some difference in the configuration?
0
 
LVL 20

Expert Comment

by:Madshi
ID: 6260056
Please check the return values of all the functions you're using. Does all succeed in your win2k sp1? Maybe one fails? If so, then please tell us the error code.
0
 

Author Comment

by:elkavayo
ID: 6260315
okay, I'm rather confused now.

are these ateps correctes for identifying the logged on user?

1.- Get a HWINSTA for winsta0 (system console: display, keyboard, mouse etc)
2.- Get a HDESK for "application desktop"  (default). That makes winsta0\default
3.- Enum all windows for that desktop.

I guess what we are looking for is a window-handle, in order to get the thread ID or process ID associated with that handle and find out the process o thread owner.

Now what do I do? I get a buch of windows, some of them belong to the logged on user, other to system, other to other services running as different accounts ...


Actually I'm now lacking a procedure, rather than a solution to identify the interactive logged on user.
0
 
LVL 26

Expert Comment

by:Russell Libby
ID: 8702146
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

To be PAQ/Refund

Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
Thank you,
Russell

EE Cleanup Volunteer
0
 

Accepted Solution

by:
PashaMod earned 0 total points
ID: 8818562
Per recommendation,

PashaMod
Community Support Moderator @Experts Exchange
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an auto free TStringList The TStringList is a basic and frequently used object in Delphi. On many occasions, you may want to create a temporary list, process some items in the list and be done with the list. In such cases, you have to…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question