获取与桌面关联的登录Windows用户名
[英]Get the logged in Windows user name associated with a desktop
问题描述
I wish to enumerate all desktops in a system and get the logged in user name for that desktop. 
我希望枚举系统中的所有桌面并获取该桌面的登录用户名。 So far I have the following code snippit as an example of obtaining a HDESK handle and trying to determine the user name associated with it (if any), but the call to LookupAccountSid fails with ERROR_NONE_MAPPED ("No mapping between account names and security IDs was done"). 到目前为止,我有以下代码snippit作为获取HDESK句柄并尝试确定与其关联的用户名(如果有)的示例,但对LookupAccountSid的调用失败,ERROR_NONE_MAPPED(“帐户名和安全ID之间没有映射是完成“)。
HDESK desk = OpenDesktop( "Default", 0, FALSE, READ_CONTROL | DESKTOP_READOBJECTS );
DWORD size = 4096;
SID * sid = (SID *)malloc( size );
GetUserObjectInformation( desk , UOI_USER_SID, sid, size, &size );
char name[512], domain[512];
int namesz = 512, domainsz = 512;
LookupAccountSid( NULL, sid, &name, &namesz, &domain, &domainsz, &s);
It might be because I am pulling out a logon SID via GetUserObjectInformation rather then a user SID. 这可能是因为我通过GetUserObjectInformation而不是用户SID提取登录SID。 If so can I convert that to the logged in users SID? 如果可以,我可以将其转换为登录用户SID?
Can anybody point me in the right direction for getting the logged in user name for an arbitrary desktop (via either it's respective HDESK or HNWD handle or even the desktop's stations HWINSTA handle)? 任何人都可以指出我正确的方向来获取任意桌面的登录用户名(通过它各自的HDESK或HNWD手柄,甚至是台式机的HWINSTA手柄)? thanks in advance. 提前致谢。
6 个解决方案
解决方案1
2 2010-01-07 22:03:50
If what you want is the user information then this will work. 如果你想要的是用户信息,那么这将是有效的。
call WTSEnumerateSessions to obtain an array of WTS_SESSION_INFO structures. 调用WTSEnumerateSessions以获取WTS_SESSION_INFO结构的数组。 for each structure, pass the SessionId member to WTSQuerySessionInformation with the WTSInfoClass member set to WTSUserName. 对于每个结构,将SessionId成员传递给WTSQuerySessionInformation,并将WTSInfoClass成员设置为WTSUserName。 This will give you the name of the user (if there is one) associated with the session. 这将为您提供与会话关联的用户名(如果有)。
Alternatively you can set the WTSInfoClass to WTSSessionInfo and get a WTSINFO structure back. 或者,您可以将WTSInfoClass设置为WTSSessionInfo并返回WTSINFO结构。 This contains a lot of information including the user name and domain. 这包含许多信息,包括用户名和域。 Look at the header file definition of WTSINFO though as the MSDN page is wrong. 虽然MSDN页面错误,但请查看WTSINFO的头文件定义。
You have to call WTSEnumerateSessions twice, once to get the required buffer size and then once to get your information. 您必须两次调用WTSEnumerateSessions,一次获取所需的缓冲区大小,然后一次获取您的信息。
Relationships: One or more Desktop objects are in a Windows Station. 关系:一个或多个桌面对象位于Windows Station中。 A Windows Station is associated with a Session. Windows Station与会话关联。
解决方案2
2 2010-01-10 10:14:49
The problem is that desktops aren't associated with users at all. 问题是桌面根本不与用户相关联。 Try using psexec to run Notepad under the SYSTEM account. 尝试使用psexec在SYSTEM帐户下运行记事本。 It's running on your window station, on your desktop. 它在您的桌面上运行在您的桌面上。 Otherwise, you wouldn't be able to see it. 否则,你将无法看到它。
But if you want to get the session associated with the window station, then yes it's possible. 但是如果你想得到与窗口站关联的会话,那么是的,这是可能的。 You need to call NtQueryObject with ObjectNameInformation to get the name of the object. 您需要使用ObjectNameInformation调用NtQueryObject来获取对象的名称。 For example, here's what I get: \\Sessions\\1\\Windows\\WindowStations\\WinSta0 . 例如,这是我得到的: \\Sessions\\1\\Windows\\WindowStations\\WinSta0 。 There's your session ID. 有你的会话ID。
解决方案3
0 2013-07-31 13:59:03
Correct code that worked for me: 正确的代码对我有用:
TCHAR username[UNLEN + 1];
DWORD size = UNLEN + 1;
GetUserName((TCHAR*)username, &size);
I'm using Visual Studio Express 2012 on Windows 7 x86 我在Windows 7 x86上使用Visual Studio Express 2012
解决方案4
0 2010-01-12 16:59:47
This is not a solution but is a good description of station/desktop. 这不是解决方案,但是对站/桌面的良好描述。 From http://www.microsoft.com/technet/security/bulletin/fq00-020.mspx 来自http://www.microsoft.com/technet/security/bulletin/fq00-020.mspx
What's a windows station? 什么是Windows工作站? A windows station is a secure container that contains a clipboard, some global information, and a set of one or more desktops. Windows工作站是一个安全的容器,包含剪贴板,一些全局信息和一组一个或多个桌面。 A Windows 2000 session will have several windows stations, one assigned to the logon session of the interactive user, and others assigned to the Winlogon process, the secure screen saver process, and any service that runs in a security context other than that of the interactive user. Windows 2000会话将具有多个Windows工作站,一个分配给交互式用户的登录会话,另一个分配给Winlogon进程,安全屏幕保护程序以及在除交互式安全上下文之外的安全上下文中运行的任何服务用户。 The interactive window station assigned to the logon session of the interactive user also contains the keyboard, mouse, and display device. 分配给交互式用户的登录会话的交互式窗口站还包含键盘,鼠标和显示设备。 The interactive window station is visible to the user and can receive input from the user. 交互式窗口站对用户可见,并且可以从用户接收输入。 All other window stations are noninteractive, which means that they cannot be made visible to the user, and cannot receive user input. 所有其他窗口站都是非交互式的,这意味着它们不能对用户可见,并且不能接收用户输入。
What's a desktop? 什么是桌面? A desktop is a secure container object that is contained within a window station. 桌面是一个安全的容器对象,包含在一个窗口站中。 There may be many desktops contained within a windows station. Windows工作站中可能包含许多桌面。 A desktop has a logical display surface and contains windows, menus, and hooks. 桌面具有逻辑显示表面,包含窗口,菜单和挂钩。 Only the desktops of the interactive window station can be visible and receive user input. 只能看到交互式窗口站的桌面并接收用户输入。 On the interactive window station, only one desktop at a time is active. 在交互式窗口工作站上,一次只有一个桌面处于活动状态。 This active desktop, also known as the input desktop, is the one that is currently visible to the user and that receives user input. 此活动桌面(也称为输入桌面)是用户当前可见并接收用户输入的桌面。
解决方案5
0 2010-01-13 20:58:49
您可以从%USERPROFILE%环境变量的末尾提取它
解决方案6
0 2010-01-14 15:03:30
nbtstat used to be able to do this from the command line, with either a machine name or IP address. nbtstat曾经能够从命令行执行此操作,具有计算机名称或IP地址。 It's been a long time since I looked at it, though. 不过,我看了很长时间。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.