From: SMTP%"Anthony_Young@ir.com.au" 16-OCT-1997 16:59:18.74 To: "'Guy Bowerman'" , "ntdev@atria.com" CC: Subj: RE: Getting User ID/Name of processes Return-Path: owner-ntdev@atria.com Received: by arisia.gce.com (UCX V4.1-12C, OpenVMS V7.1 VAX); Thu, 16 Oct 1997 16:56:38 -0400 Received: from gw.atria.com (gw.atria.com [192.88.237.2]) by bort.mv.net (8.8.5/mem-951016) with SMTP id EAA25353 for ; Thu, 16 Oct 1997 04:39:32 -0400 (EDT) Received: by gw.atria.com id Wed, 15 Oct 1997 23:03:32 -0400 Received: from ir.com.au by gw.atria.com id Wed, 15 Oct 1997 23:03:24 -0400 Received: by ir.com.au from localhost (router,SLMail V2.5); Thu, 16 Oct 1997 14:03:42 +1000 Received: by ir.com.au from ANTHONY.ir.com.au (150.50.130.218::mail daemon; unverified,SLMail V2.5); Thu, 16 Oct 1997 14:03:42 +1000 Received: by ANTHONY.ir.com.au with Microsoft Mail id <01BCDA33.ABA0F150@ANTHONY.ir.com.au>; Thu, 16 Oct 1997 13:01:51 +1000 Message-ID: <01BCDA33.ABA0F150@ANTHONY.ir.com.au> From: "Tony Young" To: "'Guy Bowerman'" , "ntdev@atria.com" Subject: RE: Getting User ID/Name of processes Date: Thu, 16 Oct 1997 13:06:23 +1000 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-ntdev@atria.com Precedence: bulk Thanks, That's working for me too. However, nobody's been able to tell me yet why the way I tried to do it didn't work. Anyone here have any ideas? Tony... -------------------------------------------------------------- Tony Young tony@ir.com.au Integrated Research Tel: (02) 9966-1066 Level 10, 168 Walker St Fax: (02) 9966-1042 North Sydney, NSW, 2060 Australia http://www.progsoc.uts.edu.au/~tony -------------------------------------------------------------- -----Original Message----- From: Guy Bowerman [SMTP:guyb@informix.com] Sent: Thursday, October 16, 1997 13:05 To: ntdev@atria.com Subject: Re: Getting User ID/Name of processes Try: OpenProcess() OpenProcessToken() GetTokenInformation(hToken, TokenUser, ....) LookupAccountSid() That works for me to get the username at any rate. Regards Guy Tony Young wrote: > > Hey all, > > I need to be able to get the user id/name of a process. > Once I have the PID I attempt to do the following: > > OpenProcess() - using the pid > GetUserObjectSecurity() - using the resulting handle > GetSecurityDescriptorOwner() - using the found security Descriptor > LookupAccountSid() - to find the Account Name for the found SID > > My problem is that LookupAccountSid() always returns with a value of > 1332 - ERROR_NONE_MAPPED (No mapping between account names and > security IDs was done) > > Can someone tell me what I've done wrong? Is there an easier way to do > want I want than the above? The actual code follows - be warned that I > haven't bothered neatening it up to much - I'm just playing atm. > > dwpid has been defined and set elsewhere in the code. > > any help is appreciated > > ---- start code ---- > > HANDLE hProcess; > SECURITY_INFORMATION SecurityInfo = OWNER_SECURITY_INFORMATION; > SECURITY_DESCRIPTOR SecurityDesc; > SID_NAME_USE Use = SidTypeUser; > PSID pSid; > LPTSTR wsAccountName; > LPTSTR wsDomainName; > DWORD dwSecurityDescLength = BUFSIZ; > DWORD dwAccountLen = BUFSIZ; > DWORD dwDomainLen = BUFSIZ; > BOOL bOwnerDefaulted; > char sAccountName[30]; > char sDomainName[30]; > int rc; > > if ((hProcess = OpenProcess(PROCESS_ALL_ACCESS, > FALSE, > (DWORD)dwpid)) == NULL) > rc = GetLastError(); > if (GetUserObjectSecurity(hProcess, > &SecurityInfo, > &SecurityDesc, > dwSecurityDescLength, > &dwSecurityDescLength)) > { > if (GetSecurityDescriptorOwner(&SecurityDesc, > &pSid, > &bOwnerDefaulted)) > { > wsAccountName = (LPTSTR) malloc (dwAccountLen); > wsDomainName = (LPTSTR) malloc (dwDomainLen); > if (LookupAccountSid(NULL, > pSid, > wsAccountName, > &dwAccountLen, > wsDomainName, > &dwDomainLen, > &Use)) > { > WideCharToMultiByte(CP_ACP, > NULL, > wsAccountName, > dwAccountLen, > sAccountName, > sizeof(sAccountName), > NULL, > NULL); > WideCharToMultiByte(CP_ACP, > NULL, > wsDomainName, > dwDomainLen, > sDomainName, > sizeof(sDomainName), > NULL, > NULL); > } > else > rc = GetLastError(); > } > else > rc = GetLastError(); > } > else > rc = GetLastError(); > > ---- end code ---- > > Tony... > -------------------------------------------------------------- > Tony Young tony@ir.com.au > Integrated Research Tel: (02) 9966-1066 > Level 10, 168 Walker St Fax: (02) 9966-1042 > North Sydney, NSW, 2060 > Australia http://www.progsoc.uts.edu.au/~tony > -------------------------------------------------------------- > > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > [ To unsubscribe, send email to ntdev-request@atria.com with body > UNSUBSCRIBE (the subject is ignored). ] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [ To unsubscribe, send email to ntdev-request@atria.com with body UNSUBSCRIBE (the subject is ignored). ] - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - [ To unsubscribe, send email to ntdev-request@atria.com with body UNSUBSCRIBE (the subject is ignored). ]