Delphi-PRAXiS

Delphi-PRAXiS (https://www.delphipraxis.net/forum.php)
-   Library: Windows API / MS.NET Framework API (https://www.delphipraxis.net/20-library-windows-api-ms-net-framework-api/)
-   -   Delphi Benutzer und Domain eines Prozesses anhand der PID ermitteln (https://www.delphipraxis.net/71977-benutzer-und-domain-eines-prozesses-anhand-der-pid-ermitteln.html)

Matze 23. Jun 2006 05:54
Benutzer und Domain eines Prozesses anhand der PID ermitteln
 
toms zeigt hier wie es möglich ist, anhand der Prozess-ID den zugehörigen Benutzernamen und die zugehörige Domain zu ermitteln. omata hat den Code ein wenig verbessert.

Delphi-Quellcode:
uses TlHelp32;

type
  PTOKEN_USER = ^TOKEN_USER;
  _TOKEN_USER = record
    User: TSidAndAttributes;
  end;
  TOKEN_USER = _TOKEN_USER;

function GetUserAndDomainFromPID(ProcessId: DWORD;
                                 var User, Domain: string): Boolean;
var
  hToken: THandle;
  cbBuf: Cardinal;
  ptiUser: PTOKEN_USER;
  snu: SID_NAME_USE;
  ProcessHandle: THandle;
  UserSize, DomainSize: DWORD;
  bSuccess: Boolean;
begin
  Result := False;
  ProcessHandle := OpenProcess(PROCESS_QUERY_INFORMATION, False, ProcessId);
  if ProcessHandle <> 0 then begin
    // EnableProcessPrivilege(ProcessHandle, 'SeSecurityPrivilege', True);
    try
      if OpenProcessToken(ProcessHandle, TOKEN_QUERY, hToken) then
      begin
        try
          ptiUser := nil;
          bSuccess := GetTokenInformation( 
            hToken, TokenUser, nil, 0, cbBuf
          );
          while    not bSuccess
                and (GetLastError = ERROR_INSUFFICIENT_BUFFER) do
          begin
            ReallocMem(ptiUser, cbBuf);
            bSuccess := GetTokenInformation( 
              hToken, TokenUser, ptiUser, cbBuf, cbBuf
            );
          end;

          if bSuccess then begin
            UserSize := 0;
            DomainSize := 0;
            LookupAccountSid( 
              nil, ptiUser.User.Sid, nil, UserSize, nil, DomainSize, snu
            );
            if (UserSize <> 0) and (DomainSize <> 0) then
            begin
              SetLength(User, UserSize);
              SetLength(Domain, DomainSize);
              if LookupAccountSid(nil, ptiUser.User.Sid, PChar(User),
                                  UserSize, PChar(Domain), DomainSize, snu) then
              begin
                Result := True;
                User := StrPas(PChar(User));
                Domain := StrPas(PChar(Domain));
              end;
            end;
          end;
        finally
          if assigned(ptiUser) then
            FreeMem(ptiUser);
          CloseHandle(hToken);
        end;
      end;
    finally
      CloseHandle(ProcessHandle);
    end;
  end;
end;

procedure GetUserAndDomainListFromPID(Liste:TStrings);
var
  hProcSnap: THandle;
  pe32: TProcessEntry32;
  Domain, User: string;
  s: string;
begin
  hProcSnap := CreateToolHelp32SnapShot(TH32CS_SNAPALL, 0);
  if hProcSnap <> INVALID_HANDLE_VALUE then begin
    try
      pe32.dwSize := SizeOf(ProcessEntry32);
      if Process32First(hProcSnap, pe32) then begin
        while Process32Next(hProcSnap, pe32) do begin
          if GetUserAndDomainFromPID(pe32.th32ProcessID, User, Domain) then
          begin
            s := Format( 
              '%s Benutzer: %s ; Domain: %s',
              [StrPas(pe32.szExeFile), User, Domain]
            );
            Liste.Append(s);
          end
          else Liste.Append(StrPas(pe32.szExeFile));
        end;
      end;
    finally
      CloseHandle(hProcSnap);
    end;
  end;
end;

// Test: Alle Prozesse auflisten + Benutzer, Domain anzeigen:
procedure TForm1.Button1Click(Sender: TObject);
begin
  GetUserAndDomainListFromPID(ListBox1.Items);
end;
Suchbegriffe: Username, Benutzername, Benutzer, PID

[edit=Chakotay1308]omatas Code eingefügt. Mfg, Chakotay1308[/edit]


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:57 Uhr.

Powered by vBulletin® Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO © 2011, Crawlability, Inc.
Delphi-PRAXiS (c) 2002 - 2023 by Daniel R. Wolf, 2024-2025 by Thomas Breitkreuz