$theTitle=wp_title(" - ", false); if($theTitle != "") { ?>
About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like
16 Aug // php the_time('Y') ?>
Today I was reusing some old (pre vista) code the retrieves the Logon SID that I wrote a few years ago. The Logon SID is a special SID that identifies a logon session that has the form S-1-5-5-X-Y.
You can view your Logon SID with Process Explorer, right click a GUI process, select Properties and goto the Security Tab:
My code called OpenWindowStation and then passed the obtained handle to GetUserObjectInformation with the UOI_USER_SID index (error handling left out):
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | function GetLogonSid(var ppsid: PSID): Boolean; var hWinstation: HWINSTA; dwSize : Cardinal; begin Result := False; // Open the WindowStation hWinstation := OpenWindowStation('WinSta0', False, READ_CONTROL); // GetUserObjectInformation returns required size in dwSizeNeeded if not GetUserObjectInformation(hWinStation, UOI_USER_SID, nil, 0, dwSize) then begin // GetUserObjectInformation returns required size GetMem(ppsid, dwSize + 1); GetUserObjectInformation(hWinStation, UOI_USER_SID, ppsid, dwSize, dwSize) then end; // Cleanup CloseWindowStation(hWinStation); Result := True; end; |
On my Windows 7 machine the call to GetUserObjectInformation failed however. GetLastError returns ERROR_ACCESS_DENIED (error 5) with description Access is denied.
The handle returned from OpenWindowStation was valid so I assumed that the ACCESS_MASK was the problem. I replaced READ_CONTROL with WINSTA_READATTRIBUTES and then it worked fine:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | function GetLogonSid(var ppsid: PSID): Boolean; var hWinstation: HWINSTA; dwSize : Cardinal; begin Result := False; // Open the WindowStation hWinstation := OpenWindowStation('WinSta0', False, WINSTA_READATTRIBUTES); // GetUserObjectInformation returns required size in dwSizeNeeded if not GetUserObjectInformation(hWinStation, UOI_USER_SID, nil, 0, dwSize) then begin // GetUserObjectInformation returns required size GetMem(ppsid, dwSize + 1); GetUserObjectInformation(hWinStation, UOI_USER_SID, ppsid, dwSize, dwSize) then end; // Cleanup CloseWindowStation(hWinStation); Result := True; end; |
One Response for "GetUserObjectInformation fails with Access Denied"
As i remember, OpenWindowStation and OpenDesktop internally were adding some flags before calling NtOpenXXX function (Alex Ionescu has written about it somewhere), so maybe this have changed in Vista or 7.
Leave a reply