C/C++ : How to get the remote logged on user from IP address

Hi,

My problem is, I want to retrieve the logged on user on remote machine. I will have remote machine's IP address. Is there any way to retrieve the information which says that the use XXX has been logged on this machine?

Thanks
LVL 1
deshawAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jkrCommented:
You could use the following code to list all users on any remote machine:
//--------------------------------------------------------------------
//
// DisplayLocalLogons
//
// Scans the HKEY_USERS key of the specified computer to see who
// has their profile loaded. Returns true if someone is logged on.
//
//--------------------------------------------------------------------
BOOLEAN DisplayLocalLogons( LPWSTR ServerName, LPWSTR UserName  )
{
    BOOLEAN          first = TRUE;
   TCHAR          errorMessage[1024];
   TCHAR          userName[MAX_NAME_STRING], domainName[MAX_NAME_STRING];
   TCHAR          subKeyName[MAX_PATH];
   DWORD          subKeyNameSize, index;
   DWORD          userNameSize, domainNameSize;
   FILETIME     lastWriteTime;
   HKEY          usersKey;
   PSID          sid;
   SID_NAME_USE sidType;
   SID_IDENTIFIER_AUTHORITY authority;
    BYTE          subAuthorityCount;
   DWORD          authorityVal, revision;
   DWORD          subAuthorityVal[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
   
   //
   // Use RegConnectRegistry so that we work with remote computers
   //
    if( ServerName ) {
         
         wprintf(L"Connecting to Registry of %s...", ServerName );
         fflush( stdout );
 
         if( RegConnectRegistry( ServerName, HKEY_USERS, &usersKey ) != ERROR_SUCCESS) {
       
              wprintf(L"\r                                                      \r");
              wprintf( L"Error opening HKEY_USERS for %s\n", ServerName );
              return FALSE;
         }
         wprintf(L"\r                                                      \r");
 
    } else {
 
         if( RegOpenKey( HKEY_USERS, NULL, &usersKey ) != ERROR_SUCCESS ) {
 
              wprintf( errorMessage, L"Error opening HKEY_USERS" );
              PrintWin32Error( errorMessage, GetLastError() );
              return FALSE;
         }
    }
 
    //
   // Enumerate keys under HKEY_USERS
   //
   index = 0;
   subKeyNameSize = sizeof( subKeyName );
   while( RegEnumKeyEx( usersKey, index, subKeyName, &subKeyNameSize,
                        NULL, NULL, NULL, &lastWriteTime ) == ERROR_SUCCESS ) {
 
       //
       // Ignore the default subkey and win2K user class subkeys
       //
       if( wcsicmp( subKeyName, L".default" ) &&
              !wcsstr( subKeyName, L"Classes")) {
 
              //
              // Convert the textual SID into a binary SID
              //
           subAuthorityCount= swscanf( subKeyName, L"S-%d-%x-%lu-%lu-%lu-%lu-%lu-%lu-%lu-%lu",
                                       &revision, &authorityVal,
                                       &subAuthorityVal[0],
                                       &subAuthorityVal[1],
                                       &subAuthorityVal[2],
                                       &subAuthorityVal[3],
                                       &subAuthorityVal[4],
                                       &subAuthorityVal[5],
                                       &subAuthorityVal[6],
                                       &subAuthorityVal[7] );
 
           if( subAuthorityCount >= 3 ) {
 
               subAuthorityCount -= 2;
               
               //
               // Note: we can only deal with authority values
               // of 4 bytes in length
               //
               authority.Value[5] = *(PBYTE) &authorityVal;
               authority.Value[4] = *((PBYTE) &authorityVal+1);
               authority.Value[3] = *((PBYTE) &authorityVal+2);
               authority.Value[2] = *((PBYTE) &authorityVal+3);
               authority.Value[1] = 0;
               authority.Value[0] = 0;
 
                   //
               // Initialize variables for subsequent operations
               //
               sid = NULL;
               userNameSize   = MAX_NAME_STRING;
               domainNameSize = MAX_NAME_STRING;
 
               if( AllocateAndInitializeSid( &authority,
                                              subAuthorityCount,
                                              subAuthorityVal[0],
                                              subAuthorityVal[1],
                                              subAuthorityVal[2],
                                              subAuthorityVal[3],
                                              subAuthorityVal[4],
                                              subAuthorityVal[5],
                                              subAuthorityVal[6],
                                              subAuthorityVal[7],
                                              &sid )) {
 
                        //
                        // We can finally lookup the account name
                        //
                        if( LookupAccountSid( ServerName,
                                                   sid,
                                                    userName,
                                                   &userNameSize,
                                                   domainName,
                                                   &domainNameSize,
                                                   &sidType )) {
 
                             //
                             // We've successfully looked up the user name
                             //
                           if( first && !UserName ) {
                               
                                   wprintf(L"Users logged on locally:\n");
                                  first = FALSE;
                           }
                           if( !UserName || !wcsicmp( UserName, userName )) {
                             
                                first = FALSE;
                                if( UserName ) wprintf(RESETLINE L"%s\\%s logged onto %s locally.\n",
                                                                 domainName, UserName, ServerName );
                                else                 wprintf( L"     %s\\%s\n", domainName, userName );
                           }                              
                         }
               }              
                if( sid ) FreeSid( sid );
           }
       }
       subKeyNameSize = sizeof( subKeyName );
       index++;
   }
    RegCloseKey( usersKey );
 
    if( first && !UserName ) wprintf(L"No one is logged on locally.\n");
    return !first;
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SreejithGCommented:
the source code you are looking for is avilable in
http://read.pudn.com/downloads/sourcecode/windows/system/1439/LOGGEDON.C__.htm
0
deshawAuthor Commented:
I have removed most of errors but I am not able to remove below errors. Could anyone tell me how to remove it. One more thing I dont know why this code expect UNICODE defined? I am compiling code in Release mode.

Error259      error C2664: 'wcsicmp' : cannot convert parameter 1 from 'LPSTR' to 'const wchar_t *'            
Error260      error C2665: 'wcsstr' : none of the 2 overloads could convert all the argument types            
Error261      error C2664: 'swscanf' : cannot convert parameter 1 from 'LPSTR' to 'const wchar_t       
Error262      error C2664: 'wcsicmp' : cannot convert parameter 2 from 'LPSTR' to 'const wchar_t *'

Thanks            
0
OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

deshawAuthor Commented:
The condition "if( subAuthorityCount >= 3 ) {" never gets true and as a result it always says "No user logged on". Please let me know if you know the reason for this,

Thanks,
0
deshawAuthor Commented:
Sorry, missed to tell you that I have used type casting - "(LPSTR)subKeyName"  and all errors went off.

0
jkrCommented:
>>I have used type casting - "(LPSTR)subKeyName"  and all errors went off.

Actually, it is not a good idea to typecast here - bettre set your project to UNICODE to get rid of these issues, this ensures that the code does not only compile but also run.
0
deshawAuthor Commented:
Thanks, ikr
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
C++

From novice to tech pro — start learning today.