Gets the registry information for the active user from the Windows system service (the SessionID of the currently active user. Husertoken of the currently active user)

First, the "active user" is defined as the user who currently owns the desktop. For Windows XP and its later systems, even if multiple users can log in at the same time, there is only one desktop.
If the system-level service calls the Windows API to get the registry key value, the HKEY_CURRENT_USER is not the registry information for the active user, but the registry information for the system user, that is, the Hkey_local_ Under the machine. So how do you get the registry information for the active user (real HKEY_CURRENT_USER) as a system service? The main steps are as follows:

1. The system service program calls Wtsgetactiveconsolesessionid () to get the SessionID of the currently active user.
2. With this sessionid as the parameter, call Wtsqueryusertoken () to get the husertoken of the currently active user.
3. With this husertoken as the parameter, call Duplicatetokenex () to copy a token, such as Hfaketoken.
4. With this hfaketoken as the parameter, call ImpersonateLoggedOnUser () to simulate the environment in which the active user is logged in.
5. Call RegOpenCurrentUser () to open the HKEY_CURRENT_USER of the active user.
6. Call RegOpenKeyEx () to get the registry key value at the specified location.

The code implemented with QT and Windows APIs is as follows:

void Getuserregistryfromsystemservice () {#ifdef q_os_win DWORD sessionId = Wtsgetactiveconsolesessionid (); Qinfo () <<"Session ID =" << sessionId;wchar_t * ppusername[100]; DWORD Sizeofusername; Wtsquerysessioninformation (Wts_current_server_handle, SessionId, Wtsusername, Ppusername, &sizeofusername); Qinfo () <<"Windows User Name =" << Qstring::fromwchararray (*ppusername); Std::wstring Strvalueofbindir = L"Unknown Value"; LONG Regopenresult = ERROR_SUCCESS; HANDLE Husertoken =NULL; HANDLE Hfaketoken =NULL;if (Wtsqueryusertoken (SessionId, &husertoken)) {if (Duplicatetokenex (Husertoken, Token_assign_primary | Token_all_access,0, Securityimpersonation, tokenprimary, &hfaketoken) = =TRUE) {if (ImpersonateLoggedOnUser (Hfaketoken)) {HKEY HKEY; regopenresult = RegOpenCurrentUser (Key_read, &hkey);if (regopenresult! = ERROR_SUCCESS) {qcritical () <<"Failed to call RegOpenCurrentUser (), Error is" << regopenresult;} HKEY Hsubkey; RegOpenKeyEx (HKey, TEXT ("Software\\baidu\\baiduyunguanjia"),0, Key_read, &hsubkey); Getstringregkey (Hsubkey, text ( "InstallDir"), Strvalueofbindir, text (  "Unknown"); RevertToSelf (); } else {qcritical () <<  "Failed to ImpersonateLoggedOnUser ..."; } closehandle (Hfaketoken); } else {qcritical () <<  "Failed to call Duplicatetokenex ... "; } CloseHandle (Husertoken); } else {qcritical () <<  "Failed to get the user token of Sessio n "<< SessionId;} Qinfo () <<  "The value of Registry is" << Qstring::fromwchararray ( Strvalueofbindir.c_str ());  #endif}            

1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• Ten
• one
• 2
• (
• )
• +
• +
• /
• 0
• +
• all
• +
• +
• +
• -
• 29
• +
• +
• all
• +
• +
• PNS
• up
i>39
• 48
• all
• /
• /
• /
• /li>
• ,
• ,
• ,
• up-
• -
• +
• -
• +
• $
• +
• -
• -
• -
• --

• 1
• 2
• 3
• 4
• 5
• 6
• 7
• 8
• 9
• 10
• 11
• 12
• 13
• 14
• 15
• 16
• 17
• 18
• 19
• 20
• 21st
• 22
• 23
• 24
• 25
• 26
• 27
• 28
• 29
• 30
• 31
• 32
• 33
• 34
• 35
• 36
• 37
• 38
• 39
• 40
• 41
• 42
• 43
• 44
• 45
• 46
• 47
• 48
• 49
• 50
• 51
• 52
• 53
• 54
• 55
• 56
• 57
• 58
• 59
• 60
• 61
• 62
• 63
• 64

Finally, take the registry information in some ways:

HKEY HKEY; LONG lres = REGOPENKEYEXW (HKEY_LOCAL_MACHINE, L"Software\\perl",0, Key_read, &hkey);BOOL Bexistsandsuccess (Lres = = ERROR_SUCCESS);BOOL Bdoesnotexistsspecifically (Lres = = Error_file_not_found);Std::wstring Strvalueofbindir;Std::wstring Strkeydefaultvalue; Getstringregkey (HKey, L"BinDir", Strvalueofbindir, L"Bad"); Getstringregkey (HKey, L"", Strkeydefaultvalue, L"Bad"); LONG Getstringregkey (HKEY HKEY,ConstStd::wstring &strvaluename,Std::wstring &strvalue,ConstStd::wstring &strdefaultvalue) {strvalue = Strdefaultvalue; WCHAR szbuffer[512]; DWORD dwbuffersize =sizeof (szbuffer); ULONG nerror; Nerror = REGQUERYVALUEEXW (HKey, Strvaluename.c_str (),0, NULL, (LPBYTE) szbuffer, &dwbuffersize);if (error_success = = nerror) {strvalue = Szbuffer;}return nerror;} LONG Getdwordregkey (HKEY HKEY,ConstStd::wstring &strvaluename, DWORD &nvalue, DWORD ndefaultvalue) {nvalue = Ndefaultvalue; DWORD dwBufferSize (sizeof (DWORD)); DWORD Nresult (0); LONG nerror =:: Regqueryvalueexw (HKey, Strvaluename.c_str (),0, NULL, reinterpret_cast<lpbyte> (&nResult), & dwBufferSize); if (error_success = nerror) {nvalue = Nresult;} return nerror;} LONG Getboolregkey (HKEY HKEY, const std::wstring & strValueName, bool &bvalue, bool bDefaultValue) {DWORD Ndefvalue (bdefaultvalue)? 1: 0); DWORD Nresult (Ndefvalue); LONG nerror = Getdwordregkey (HKey, Strvaluename.c_str (), Nresult, Ndefvalue); if (error_success = nerror) {BValue = (nresult! = 0)? true: FALSE;} return nerror;}            

http://blog.csdn.net/nirendao/article/details/52077637

Gets the registry information for the active user from the Windows system service (the SessionID of the currently active user. Husertoken of the currently active user)