• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1368
  • Last Modified:

How to List processes by user and session ID

Hi, I need VB6 code to get the list of processes on a PC that works with multiple users and sessions, that is a Windows XP with Terminal Server capabilities, ultra thin clients connect to that server. We found it possible through WMI, but it  consumes lots of  CPU, we need another API method that gives us user and session ID of every process on the machine
0
cyberproject
Asked:
cyberproject
  • 4
  • 2
1 Solution
 
TaconvinoCommented:
This has been a long standing issue for me too.  WMI is slow, and I did find a solution using API only.  I haven't tested this completely yet, so you may want to wait for a few minutes until I get this thing working properly.  The bad thing is that I'm not sure if this works on a Terminal Services environment...

Anyway, if you feel like digging a little deeper, take a look at this:

http://msdn2.microsoft.com/en-us/library/aa382990.aspx

Looks like it may solve your problem completely, but I have not tested it (yet).  I'm curious enough to try to make this work, so I'll do it as soon as I have the time.

Hope this helps!
TCV
0
 
TaconvinoCommented:
OK, managed to get user names from processes... but only SYSTEM and processes runing on the same user name as the user launching the app (that would be me).  For all other processes, I would probably have to use an impersonation token, or something like that.  BUT, I found some working code for XP/2003 machines.  Maybe you can use it:

http://www.xtremevbtalk.com/showthread.php?t=240098

It should be easy to adapt to your needs.

TCV
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
cyberprojectAuthor Commented:
Th last you sent Tacovino, is great. Works perfect if you logged on Windows as administrator. But my soft uses a "Run As" to relunch itself with an admin account, from a restricted user account that was originally logged on Windows. I mean, the user is in a restricted not Admin account, but my soft runs itself with a preconfigured admin account to get all the rights. The thing is that in every aspect I have admin priviledges, but the api WTSEnumProcesses used in the example returns fail in this case.
any ideas? , thanks
0
 
TaconvinoCommented:
As far as I know, there are some privileges regarding processes that not even the Admin group has.  I'm not sure how you implemented the "Run As" part, but if possible, try to make it run under SYSTEM account instead of and Admin account.  Remember that the SYSTEM account you need to use is the "server" system account (the server running terminal services).

TCV
0
 
cyberprojectAuthor Commented:
I tested the project, logging with an admin account normally on the client, and still doesn´t work. That means the server doesn´t give me the right just because my session is remote. I´m logging ini from an ultra thin client hardware client. (www.ncomputing.com). I read that for this api to work I need "query information priviledges", don´t know how to get it.
0
 
TaconvinoCommented:
Same thing for me.  As I posted before, this could involve impersonation, or security token modification... it's a complicated (yet fun) thing to do!  The time I played around with this thing was on a local computer only.  As far as I know, Terminal Services provide a complete set of APIs of its own, although I couldn't find anything that resembles SetTokenInformation in the WTS* set of APIs (look here: http://msdn2.microsoft.com/en-us/library/aa383464.aspx), but apparently it works just the same (http://msdn2.microsoft.com/en-us/library/aa379591.aspx).  The bottom line is, there is a lot of reading and "head banging" involved.

Here is a good example on how you can escalate privileges (it is implemented to kill processes):

http://support.microsoft.com/kb/185215/en-us

Didn't work for me, but maybe you can tweak it a little bit more.

TCV
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now