Solved

How to List processes by user and session ID

Posted on 2007-11-19
7
1,317 Views
Last Modified: 2008-02-01
Hi, I need VB6 code to get the list of processes on a PC that works with multiple users and sessions, that is a Windows XP with Terminal Server capabilities, ultra thin clients connect to that server. We found it possible through WMI, but it  consumes lots of  CPU, we need another API method that gives us user and session ID of every process on the machine
0
Comment
Question by:cyberproject
  • 4
  • 2
7 Comments
 
LVL 17

Expert Comment

by:Shanmuga Sundaram
ID: 20320055
0
 
LVL 6

Expert Comment

by:Taconvino
ID: 20320581
This has been a long standing issue for me too.  WMI is slow, and I did find a solution using API only.  I haven't tested this completely yet, so you may want to wait for a few minutes until I get this thing working properly.  The bad thing is that I'm not sure if this works on a Terminal Services environment...

Anyway, if you feel like digging a little deeper, take a look at this:

http://msdn2.microsoft.com/en-us/library/aa382990.aspx

Looks like it may solve your problem completely, but I have not tested it (yet).  I'm curious enough to try to make this work, so I'll do it as soon as I have the time.

Hope this helps!
TCV
0
 
LVL 6

Expert Comment

by:Taconvino
ID: 20334647
OK, managed to get user names from processes... but only SYSTEM and processes runing on the same user name as the user launching the app (that would be me).  For all other processes, I would probably have to use an impersonation token, or something like that.  BUT, I found some working code for XP/2003 machines.  Maybe you can use it:

http://www.xtremevbtalk.com/showthread.php?t=240098

It should be easy to adapt to your needs.

TCV
0
Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:cyberproject
ID: 20343835
Th last you sent Tacovino, is great. Works perfect if you logged on Windows as administrator. But my soft uses a "Run As" to relunch itself with an admin account, from a restricted user account that was originally logged on Windows. I mean, the user is in a restricted not Admin account, but my soft runs itself with a preconfigured admin account to get all the rights. The thing is that in every aspect I have admin priviledges, but the api WTSEnumProcesses used in the example returns fail in this case.
any ideas? , thanks
0
 
LVL 6

Expert Comment

by:Taconvino
ID: 20348224
As far as I know, there are some privileges regarding processes that not even the Admin group has.  I'm not sure how you implemented the "Run As" part, but if possible, try to make it run under SYSTEM account instead of and Admin account.  Remember that the SYSTEM account you need to use is the "server" system account (the server running terminal services).

TCV
0
 

Author Comment

by:cyberproject
ID: 20351457
I tested the project, logging with an admin account normally on the client, and still doesn´t work. That means the server doesn´t give me the right just because my session is remote. I´m logging ini from an ultra thin client hardware client. (www.ncomputing.com). I read that for this api to work I need "query information priviledges", don´t know how to get it.
0
 
LVL 6

Accepted Solution

by:
Taconvino earned 500 total points
ID: 20352305
Same thing for me.  As I posted before, this could involve impersonation, or security token modification... it's a complicated (yet fun) thing to do!  The time I played around with this thing was on a local computer only.  As far as I know, Terminal Services provide a complete set of APIs of its own, although I couldn't find anything that resembles SetTokenInformation in the WTS* set of APIs (look here: http://msdn2.microsoft.com/en-us/library/aa383464.aspx), but apparently it works just the same (http://msdn2.microsoft.com/en-us/library/aa379591.aspx).  The bottom line is, there is a lot of reading and "head banging" involved.

Here is a good example on how you can escalate privileges (it is implemented to kill processes):

http://support.microsoft.com/kb/185215/en-us

Didn't work for me, but maybe you can tweak it a little bit more.

TCV
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Introduction While answering a recent question (http://www.experts-exchange.com/Q_27402310.html) in the VB classic zone, I wrote some VB code in the (Office) VBA environment, rather than fire up my older PC.  I didn't post completely correct code o…
Background What I'm presenting in this article is the result of 2 conditions in my work area: We have a SQL Server production environment but no development or test environment; andWe have an MS Access front end using tables in SQL Server but we a…
Show developers how to use a criteria form to limit the data that appears on an Access report. It is a common requirement that users can specify the criteria for a report at runtime. The easiest way to accomplish this is using a criteria form that a…
This lesson covers basic error handling code in Microsoft Excel using VBA. This is the first lesson in a 3-part series that uses code to loop through an Excel spreadsheet in VBA and then fix errors, taking advantage of error handling code. This l…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question