Solved

Get current user from system account 2

Posted on 2001-07-05
9
355 Views
Last Modified: 2010-09-16
Okay,

This question is related to a previous one: How can I get the current interactive logon user from a service running under the system account?

The answer provided by Epsilon was really good, although the circumstances have now changed.

- The Current user is NOT running explorer as shell. Instead, it's running a custom application, which may change for different users.

- The applications to be run as shell, have different class names and window names. The only common thing is the user that's logged on interactively (always same user).

- The Current user may or may NOT be running a shell (the custom application running as a shell may have crashed, hung or exit prematurely)

The service is running under the sytem account and have interact with desktop rights.

I tried looking for winsta0\default, but although it works fine on some computers running 2000 SP2, it fails on those running Win2K Sp1 (always return SYSTEM as user)

Because there's no specific application to look for, I've found no way fo getting ahold a windows handle to identify the owner.

The thing is that the service is kind of a watchdog service that is monitoring the application running as a shell for specific user. The computer autologons this user all the time.

If the application stop responding of exits prematurely, the service must logoff that user (and only that user!)inmediatelly, to cleanup the user environment and reload the application (by logging on the user again via autologon)

Any clues?

Luis
0
Comment
Question by:elkavayo
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 13

Expert Comment

by:Epsylon
ID: 6258621
Are you running an own shell?

Just an idea. When a user logs in, write the handle to the registry. The service can read it back and use it to get the current user.
0
 
LVL 20

Expert Comment

by:Madshi
ID: 6258681
Why not using EnumDesktops and EnumDesktopWindows for each desktop? This way you should get all desktops and all windows of all programs that are running. From the windows you can get the processID (GetWindowThreadProcessID), then I think Epsylon's code should give you the user for each process.

Regards, Madshi.
0
 
LVL 13

Expert Comment

by:Epsylon
ID: 6258702
If EnumDesktopWindows works, then GetDesktopWindows will work to, I guess.
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 

Author Comment

by:elkavayo
ID: 6259923
first answer to Epsylon. Yes, we are running custom shells. The problem with writing to the registry is that SYSTEM account doesn't have access to HKEY_CURRENT_USER for the logged on user, and the logged on user is an unpriviledge account that doesn't have write access to HKEY_LOCAL_MACHINE. The other thing is: what happens if the application crashes? the handle is still there, but it's invalid, and it's not useful for logging the current user off.

What would GetDesktopwindows help? AFAIK, the windowstation associated with the console is always 'winsta0' and the application desktop is always 'default'. Well, I got a handle to the winsta0\default, and still doesn't work. When the app crashes, there's no other windows open on the desktop.

I have written the following based on Epsylon's code:

function TAATestSvc.Username(var h: HWND): string;
var
  winstaCurrent: HWND;
  dwProcessId: DWORD;
  hProcess, hToken: THandle;
  a: array[0..255] of Char;
  s: Cardinal;
begin                                      
  try
    winstaCurrent := GetProcessWindowStation();
    if winstaCurrent <> 0 then
    begin
      h := winstaCurrent;
      GetWindowThreadProcessId(winstaCurrent, @dwProcessId);
      hProcess := OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
      OpenProcessToken(hProcess, TOKEN_ALL_ACCESS, hToken);
      ImpersonateLoggedOnUser(hToken);
      s := sizeof(a);
      GetUserName(a, s);
      Result := a;
      RevertToSelf;
      CloseHandle(hToken);
      CloseHandle(hProcess);
    end
    else
      result := '';
  except
  end;
end;

It works fine on Win2K Pro with SP2.WinstaCurrent is always 52 (regardless the user or session)
and I can reliably obtain the logon user. When no one is logged on, it returns SYSTEM.

The problem is that on Win2K SP1, it always returns SYSTEM. and I'm not sure which one is right. Is it a bug in SP1 corrected in SP2? Is it that SP2 implemented something that may change in SP3 or XP?

If the SP2 behavior is fine, then I'm set, but I'm not sure I should trust it.
0
 
LVL 13

Expert Comment

by:Epsylon
ID: 6259957
Are you are this is a sp1/sp2 issue and not some difference in the configuration?
0
 
LVL 20

Expert Comment

by:Madshi
ID: 6260056
Please check the return values of all the functions you're using. Does all succeed in your win2k sp1? Maybe one fails? If so, then please tell us the error code.
0
 

Author Comment

by:elkavayo
ID: 6260315
okay, I'm rather confused now.

are these ateps correctes for identifying the logged on user?

1.- Get a HWINSTA for winsta0 (system console: display, keyboard, mouse etc)
2.- Get a HDESK for "application desktop"  (default). That makes winsta0\default
3.- Enum all windows for that desktop.

I guess what we are looking for is a window-handle, in order to get the thread ID or process ID associated with that handle and find out the process o thread owner.

Now what do I do? I get a buch of windows, some of them belong to the logged on user, other to system, other to other services running as different accounts ...


Actually I'm now lacking a procedure, rather than a solution to identify the interactive logged on user.
0
 
LVL 26

Expert Comment

by:Russell Libby
ID: 8702146
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:

To be PAQ/Refund

Please leave any comments here within the next seven days.
 
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
 
Thank you,
Russell

EE Cleanup Volunteer
0
 

Accepted Solution

by:
PashaMod earned 0 total points
ID: 8818562
Per recommendation,

PashaMod
Community Support Moderator @Experts Exchange
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
In my programming career I have only very rarely run into situations where operator overloading would be of any use in my work.  Normally those situations involved math with either overly large numbers (hundreds of thousands of digits or accuracy re…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question