How to get the thread associated user name and domain name

Last Update:2017-02-27 Source: Internet

Author: User

Tags error code thread

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

When writing programs on Windows NT/2000/XP, we sometimes need to obtain the user name and domain name associated with the current calling thread (domain), and this article will demonstrate how to use the Win32 in a Windows NT/2000/XP environment API for security-related functions to obtain user names and domain names.

Before Windows NT, it was generally assumed that a thread was running under the account of the logged-on user. However, after Windows NT comes out, allowing threads to run in multiple security contexts means that one thread is for multiple users. For example, in a client/server (c/s) application, a server thread can impersonate a customer through the ImpersonateNamedPipeClient function. In this case, it runs in the user context of the client. Another example of a thread running in a different security context is the service thread, which has the NT authority domain name and system username and runs under the local System account.

If you need both the username and domain name of the current thread, you must first call OpenThreadToken to open the access token associated with a thread: if(!OpenThreadToken(GetCurrentThread(),　　TOKEN_QUERY, TRUE, &hToken)) { 　　　　if(GetLastError() == ERROR_NO_TOKEN) { 　　　　　　// 　　　　　　// 如果得不到线程令牌，则试图打开进程令牌。　　　　　　// 　　　　　　if(!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken )) { 　　　　　　　　...... 　　　　　　} 　　　　} 　　　　else { 　　　　　　// 　　　　　　// 存取线程令牌出错。　　　　　　// 　　　　　　...... 　　　　} 　　　　...... 　　} If the access token associated with the current thread does not exist, call OpenProcessToken Gets the access token associated with the current process.

Once you get the access token for a thread or process, you can call the GetTokenInformation function to obtain the user security token from the thread's access token, which is SID:

bSuccess = GetTokenInformation(hToken, 　　　　　　　　　　　　　　　　　　　　　　　 TokenUser, 　　　　　　　　　　　　　　　　　　　　　　　 InfoBuffer, 　　　　　　　　　　　　　　　　　　　　　　　 cbInfoBuffer, 　　　　　　　　　　　　　　　　　　　　　　　 &cbInfoBuffer); 　　　　if(!bSuccess) { 　　　　　　...... 　　　　} 　　　　else { 　　　　　　bRet = LookupAccountSid(NULL, ((PTOKEN_USER)InfoBuffer)->User.Sid, 　　　　　　　　　　　　　　　　　　　　　　UserName, 　　　　　　　　　　　　　　　　　　　　　　cchUserName, 　　　　　　　　　　　　　　　　　　　　　　DomainName, 　　　　　　　　　　　　　　　　　　　　　　cchDomainName, 　　　　　　　　　　　　　　　　　　　　　　&snu ); 　　　　　　if (!bRet) { 　　　　　　　　...... 　　　　　　　　CloseHandle(hToken); 　　　　　　　　...... 　　　　　　} 　　　　　　else { 　　　　　　　　// 显示得到的用户名和域名　　　　　　　　SetDlgItemText(IDC_STATIC_USRN,UserName); 　　　　　　　　SetDlgItemText(IDC_STATIC_DOMAIN,DomainName); 　　　　　　　　...... 　　　　　　} 　　　　...... 　　}Finally, call the LookupAccountSid function to get the account name and domain name associated with the SID, and detailed implementation details refer to the example code in this article. Figure one is an example of how the program works:

Figure I get user name and domain name example program

In writing This example program, I would like to write a simple console program. But unfortunately, I came across such a baffled question: calling the LookupAccountSid function in a console program always gets a failed return, and the error code indicated by the GetLastError () function is 14, which means "there is not enough memory to complete this operation." "But calling in a non-console program is no problem. I'm still thinking about the problem at the moment. If any one already knows the reason, may as well instruct twos, lest I detours again .... For the convenience of communication, I provide the console program and the source code of the non console program for reference.

The several 32-bit functions mentioned above do not support Windows 9x. If you want to access domain information for user names and interactive users in Windows 95 or Windows 98 systems, you must call the 16-bit LAN Manager function. Please refer to the MSDN Library for detailed implementation details.

Note: If you just need to get a username, then it's enough to call GetUserName, which supports Windows 9x, Windows NT, and Windows 2000. In Windows NT and Windows 2000 systems, this function first checks whether the calling thread has a dedicated access token and, if so, returns the user name associated with the calling thread, or returns the user name associated with the calling process.

Finally, I wish you all good health! Happy programming!

This article supporting source code

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More