
How to reliably get LOGON USER name/sid from a process running as SYSTEM?

I have an app that runs (on the interactive desktop) as SYSTEM. The app needs to start a browser or email client AS THE CURRENTLY LOGGED-IN USER.

I thought I could just go look at the desktop, windows station, or session, and be able to determine which user's logon desktop I was running in. However, when I got user information from desktop, windows station, and session, they all seemed to be special accounts (e.g. "LogonSessionId_0_4005652").

The one approach that seemed promising was calling WTSQuerySessionInformationW(WTS_CURRENT_SERVER_HANDLE, WTS_CURRENT_SESSION, WTSUserName, ...). That yielded the logon user's name, and I could call LookupAccountNameW() to get the SID.

This bit from Microsoft's documentation on WTSQuerySessionInformationW makes me a bit uncomfortable though...

Retrieves session information for the specified session on the specified Remote Desktop Session Host (RD Session Host) server. (emphasis mine)

...and also...

If Remote Desktop Services is not running, calls to WTSQuerySessionInformation fail.

I seem to remember that Home editions of previous Windows releases didn't support Remote Desktop. Our app targets Windows 10 and 11. Can I be certain that the WTSQuerySessionInformationW call will work for all users?

ProcessIdToSessionId on yourself and then WTSQueryUserToken should give you a token you can use with CreateProcessAsUser.

Another alternative is FindWindow to find the taskbar and duplicate Explorer.exe's token. This will not work if Explorer is not running.
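The three calls named in the answer above, chained into one function, as an added example that is not part of the original post. The name launch_as_session_user is hypothetical, and the CreateEnvironmentBlock call and the winsta0\default desktop are assumptions added here so that the child gets the user's environment and appears on the interactive desktop.

```c
/* Added example (not from the original post). Build on Windows; run as LocalSystem. */
#include <stddef.h>
#ifdef _WIN32
#include <windows.h>
#include <wtsapi32.h>
#include <userenv.h>
#pragma comment(lib, "wtsapi32.lib")
#pragma comment(lib, "userenv.lib")
#pragma comment(lib, "advapi32.lib")

/* Hypothetical helper: returns 0 on success, else the Win32 error of the failing step.
   cmdline must be a writable buffer because CreateProcessAsUserW may modify it. */
unsigned long launch_as_session_user(wchar_t *cmdline)
{
    DWORD session = 0, err = 0;
    HANDLE token = NULL;
    void *env = NULL;
    STARTUPINFOW si = { sizeof si };
    PROCESS_INFORMATION pi = { 0 };

    /* Step 1: which session is this SYSTEM process running in? */
    if (!ProcessIdToSessionId(GetCurrentProcessId(), &session))
        return GetLastError();
    /* Step 2: primary token of the user logged on to that session.
       Fails with ERROR_NO_TOKEN if nobody is logged on, and with
       ERROR_PRIVILEGE_NOT_HELD if the caller lacks SE_TCB_NAME. */
    if (!WTSQueryUserToken(session, &token))
        return GetLastError();
    /* Give the child the user's environment block, not SYSTEM's. */
    if (!CreateEnvironmentBlock(&env, token, FALSE)) {
        err = GetLastError();
        CloseHandle(token);
        return err;
    }
    si.lpDesktop = L"winsta0\\default";   /* the interactive desktop */
    /* Step 3: start the child with the user's token instead of SYSTEM's. */
    if (CreateProcessAsUserW(token, NULL, cmdline, NULL, NULL, FALSE,
                             CREATE_UNICODE_ENVIRONMENT, env, NULL, &si, &pi)) {
        CloseHandle(pi.hThread);
        CloseHandle(pi.hProcess);
    } else {
        err = GetLastError();
    }
    DestroyEnvironmentBlock(env);
    CloseHandle(token);
    return err;
}
#else
/* Non-Windows build: the APIs do not exist, so report ERROR_CALL_NOT_IMPLEMENTED (120). */
unsigned long launch_as_session_user(wchar_t *cmdline) { (void)cmdline; return 120UL; }
#endif
```

Because the child is created with the session user's token, the browser or mail client runs with that user's privileges and profile rather than inheriting SYSTEM.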

Notice: The technical posts on this site follow the CC BY-SA 4.0 license. If you repost this content, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.