Gets the registry information for the active user from the Windows system service (the SessionID of the currently active user. Husertoken of the currently active user)

Source: Internet
Author: User

First, the "active user" is defined as the user who currently owns the desktop. For Windows XP and its later systems, even if multiple users can log in at the same time, there is only one desktop.
If the system-level service calls the Windows API to get the registry key value, the HKEY_CURRENT_USER is not the registry information for the active user, but the registry information for the system user, that is, the Hkey_local_ Under the machine. So how do you get the registry information for the active user (real HKEY_CURRENT_USER) as a system service? The main steps are as follows:

    1. The system service program calls Wtsgetactiveconsolesessionid () to get the SessionID of the currently active user.
    2. With this sessionid as the parameter, call Wtsqueryusertoken () to get the husertoken of the currently active user.
    3. With this husertoken as the parameter, call Duplicatetokenex () to copy a token, such as Hfaketoken.
    4. With this hfaketoken as the parameter, call ImpersonateLoggedOnUser () to simulate the environment in which the active user is logged in.
    5. Call RegOpenCurrentUser () to open the HKEY_CURRENT_USER of the active user.
    6. Call RegOpenKeyEx () to get the registry key value at the specified location.

The code implemented with QT and Windows APIs is as follows:

void Getuserregistryfromsystemservice () {#ifdef q_os_win DWORD sessionId = Wtsgetactiveconsolesessionid (); Qinfo () <<"Session ID =" << sessionId;wchar_t * ppusername[100]; DWORD Sizeofusername; Wtsquerysessioninformation (Wts_current_server_handle, SessionId, Wtsusername, Ppusername, &sizeofusername); Qinfo () <<"Windows User Name =" << Qstring::fromwchararray (*ppusername); Std::wstring Strvalueofbindir = L"Unknown Value"; LONG Regopenresult = ERROR_SUCCESS; HANDLE Husertoken =NULL; HANDLE Hfaketoken =NULL;if (Wtsqueryusertoken (SessionId, &husertoken)) {if (Duplicatetokenex (Husertoken, Token_assign_primary | Token_all_access,0, Securityimpersonation, tokenprimary, &hfaketoken) = =TRUE) {if (ImpersonateLoggedOnUser (Hfaketoken)) {HKEY HKEY; regopenresult = RegOpenCurrentUser (Key_read, &hkey);if (regopenresult! = ERROR_SUCCESS) {qcritical () <<"Failed to call RegOpenCurrentUser (), Error is" << regopenresult;} HKEY Hsubkey; RegOpenKeyEx (HKey, TEXT ("Software\\baidu\\baiduyunguanjia"),0, Key_read, &hsubkey); Getstringregkey (Hsubkey, text ( "InstallDir"), Strvalueofbindir, text (  "Unknown"); RevertToSelf (); } else {qcritical () <<  "Failed to ImpersonateLoggedOnUser ..."; } closehandle (Hfaketoken); } else {qcritical () <<  "Failed to call Duplicatetokenex ... "; } CloseHandle (Husertoken); } else {qcritical () <<  "Failed to get the user token of Sessio n "<< SessionId;} Qinfo () <<  "The value of Registry is" << Qstring::fromwchararray ( Strvalueofbindir.c_str ());  #endif}            
      1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • Ten
    • one
    • 2
    • (
    • )
    • +
    • +
    • /
    • 0
    • +
    • all
    • +
    • +
    • +
    • -
    • 29
    • +
    • +
    • all
    • +
    • +
    • PNS
    • up
    • i>39
    • 48
    • all
    • /
    • /
    • /
    • /li>
    • ,
    • ,
    • ,
    • up-
    • -
    • +
    • -
    • +
    • $
    • +
    • -
    • -
    • -
    • --
    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21st
    • 22
    • 23
    • 24
    • 25
    • 26
    • 27
    • 28
    • 29
    • 30
    • 31
    • 32
    • 33
    • 34
    • 35
    • 36
    • 37
    • 38
    • 39
    • 40
    • 41
    • 42
    • 43
    • 44
    • 45
    • 46
    • 47
    • 48
    • 49
    • 50
    • 51
    • 52
    • 53
    • 54
    • 55
    • 56
    • 57
    • 58
    • 59
    • 60
    • 61
    • 62
    • 63
    • 64

Finally, take the registry information in some ways:

HKEY HKEY; LONG lres = REGOPENKEYEXW (HKEY_LOCAL_MACHINE, L"Software\\perl",0, Key_read, &hkey);BOOL Bexistsandsuccess (Lres = = ERROR_SUCCESS);BOOL Bdoesnotexistsspecifically (Lres = = Error_file_not_found);Std::wstring Strvalueofbindir;Std::wstring Strkeydefaultvalue; Getstringregkey (HKey, L"BinDir", Strvalueofbindir, L"Bad"); Getstringregkey (HKey, L"", Strkeydefaultvalue, L"Bad"); LONG Getstringregkey (HKEY HKEY,ConstStd::wstring &strvaluename,Std::wstring &strvalue,ConstStd::wstring &strdefaultvalue) {strvalue = Strdefaultvalue; WCHAR szbuffer[512]; DWORD dwbuffersize =sizeof (szbuffer); ULONG nerror; Nerror = REGQUERYVALUEEXW (HKey, Strvaluename.c_str (),0, NULL, (LPBYTE) szbuffer, &dwbuffersize);if (error_success = = nerror) {strvalue = Szbuffer;}return nerror;} LONG Getdwordregkey (HKEY HKEY,ConstStd::wstring &strvaluename, DWORD &nvalue, DWORD ndefaultvalue) {nvalue = Ndefaultvalue; DWORD dwBufferSize (sizeof (DWORD)); DWORD Nresult (0); LONG nerror =:: Regqueryvalueexw (HKey, Strvaluename.c_str (),0, NULL, reinterpret_cast<lpbyte> (&nResult), & dwBufferSize); if (error_success = nerror) {nvalue = Nresult;} return nerror;} LONG Getboolregkey (HKEY HKEY, const std::wstring & strValueName, bool &bvalue, bool bDefaultValue) {DWORD Ndefvalue (bdefaultvalue)? 1: 0); DWORD Nresult (Ndefvalue); LONG nerror = Getdwordregkey (HKey, Strvaluename.c_str (), Nresult, Ndefvalue); if (error_success = nerror) {BValue = (nresult! = 0)? true: FALSE;} return nerror;}            

http://blog.csdn.net/nirendao/article/details/52077637

Gets the registry information for the active user from the Windows system service (the SessionID of the currently active user. Husertoken of the currently active user)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.