Delphi-PRAXiS

Delphi-PRAXiS (https://www.delphipraxis.net/forum.php)
-   Win32/Win64 API (native code) (https://www.delphipraxis.net/17-win32-win64-api-native-code/)
-   -   Delphi GetUserAndDomainFromPID Testen (https://www.delphipraxis.net/20459-getuseranddomainfrompid-testen.html)

toms 18. Apr 2004 13:14
GetUserAndDomainFromPID Testen
 
Hi,

Habe eine Funktion GetUserAndDomainFromPID() geschrieben. Diese ermittelt
den Benutzer/Domain eines Prozesses.

Ist noch nicht sehr schön. Vielleicht sieht jemand Verbesserungsvorschläge oder
Fehler.

Kann das mal jemand unter Win2K, WinXP testen?



Delphi-Quellcode:
function GetUserAndDomainFromPID(ProcessId: DWORD;
  var User, Domain: string): Boolean;
var
  hToken: THandle;
  cbBuf: Cardinal;
  ptiUser: PTOKEN_USER;
  snu: SID_NAME_USE;
  ProcessHandle: THandle;
  UserSize, DomainSize: DWORD;
  bSuccess: Boolean;
begin

  Result := False;
  ProcessHandle := OpenProcess(PROCESS_QUERY_INFORMATION, False, ProcessId);
  if ProcessHandle <> 0 then
   // EnableProcessPrivilege(ProcessHandle, 'SeSecurityPrivilege', True);
    if OpenProcessToken(ProcessHandle, TOKEN_QUERY, hToken) then
    begin
      CloseHandle(ProcessHandle);

      bSuccess := GetTokenInformation(hToken, TokenUser, nil, 0, cbBuf);
      ptiUser := nil;
      while (not bSuccess) and (GetLastError = ERROR_INSUFFICIENT_BUFFER) do
      begin
        ReallocMem(ptiUser, cbBuf);
        bSuccess := GetTokenInformation(hToken, TokenUser, ptiUser, cbBuf, cbBuf);
      end;
      CloseHandle(hToken);

      if not bSuccess then
      begin
        Exit;
      end;

      UserSize := 0;
      DomainSize := 0;
      LookupAccountSid(nil, ptiUser.User.Sid, nil, UserSize, nil, DomainSize, snu);
      if (UserSize <> 0) and (DomainSize <> 0) then
      begin
        SetLength(User, UserSize);
        SetLength(Domain, DomainSize);
        if LookupAccountSid(nil, ptiUser.User.Sid, PChar(User), UserSize,
          PChar(Domain), DomainSize, snu) then
        begin
          Result := True;
          User := StrPas(PChar(User));
          Domain := StrPas(PChar(Domain));
        end;
      end;

      if bSuccess then
      begin
        FreeMem(ptiUser);
      end;
    end;
end;

// Test: Alle Prozesse auflisten + Benutzer, Domain anzeigen:
procedure TForm1.Button1Click(Sender: TObject);
var
  hProcSnap: THandle;
  pe32: TProcessEntry32;
  Domain, User: string;
  s: string;
begin

  hProcSnap := CreateToolHelp32SnapShot(TH32CS_SNAPALL, 0);
  if hProcSnap = INVALID_HANDLE_VALUE then Exit;

  pe32.dwSize := SizeOf(ProcessEntry32);

  if Process32First(hProcSnap, pe32) = True then
    while Process32Next(hProcSnap, pe32) = True do
    begin

      if GetUserAndDomainFromPID(pe32.th32ProcessID, User, Domain) then
      begin
        s := Format('%s Benutzer: %s ; Domain: %s',[StrPas(pe32.szExeFile), User, Domain]);
        Listbox1.Items.Add(s);
      end else
        Listbox1.Items.Add(StrPas(pe32.szExeFile));
    end;
  CloseHandle(hProcSnap);
end;

toms 18. Apr 2004 13:30
Re: GetUserAndDomainFromPID Testen
 
Sorry, habe noch was vergessen:

Delphi-Quellcode:
uses
  TlHelp32;

type
  PTOKEN_USER = ^TOKEN_USER;
  _TOKEN_USER = record
    User: TSidAndAttributes;
  end;
  TOKEN_USER = _TOKEN_USER;

Christian Seehase 18. Apr 2004 13:38
Re: GetUserAndDomainFromPID Testen
 
Moin Toms,

scheint soweit zu funktionieren (Leerlaufprozess fehlt)

W2K SP4


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:22 Uhr.

Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO © 2011, Crawlability, Inc.
Delphi-PRAXiS (c) 2002 - 2023 by Daniel R. Wolf, 2024 by Thomas Breitkreuz