473,324 Members | 2,124 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Get account name associated with a running process.

I posted this a short while ago , but I don't think I explained the problem
clearly. Task Manager lists processes running on a local system, including a
"user name" associated with each process (e.g. SYSTEM). My application
needs to check if a particular process is running, and if so get the
associated "owner". I am really trying to determine the security context in
which the process was started. Thanks for any input.

-- Moses
Nov 16 '05 #1
6 21627
Hm. I'm not aware of a way to get the process owner. You can certainly
find the process using the static Process.GetProcesses() or
Process.GetProcessByName() methods, and you can determine the machine it's
running on using the MachineName property of a particular Process instance.
From there, I suppose you'd have to have access to the running machine's
Active Directory and find some way to track down process ownership from
there.

If you don't really need to know who the owner is, but just whether YOU own
it or not, you can perhaps find some non-destructive method call against a
Process instance that is disallowed for non-owners, and execute it in a try
block. I know that Kill() and Close() require that you have ownership, but
obviously those wouldn't be methods you'd call to test if you have
ownership. Maybe an attempt to read the Threads collection or something
like that.

Just some random ideas that might suggest an avenue of exporation for you.

--Bob

"Moses M" <Mm*****@msn.com> wrote in message
news:et**************@TK2MSFTNGP11.phx.gbl...
I posted this a short while ago , but I don't think I explained the problem clearly. Task Manager lists processes running on a local system, including a "user name" associated with each process (e.g. SYSTEM). My application
needs to check if a particular process is running, and if so get the
associated "owner". I am really trying to determine the security context in which the process was started. Thanks for any input.

-- Moses

Nov 16 '05 #2
Thanks Bob. I will keep poking around. A friend suggested I use
OpenProcessToken() which looks to me like "backsliding" into unamaged code!
-- Moses
"Bob Grommes" <bo*@bobgrommes.com> wrote in message
news:eC**************@TK2MSFTNGP10.phx.gbl...
Hm. I'm not aware of a way to get the process owner. You can certainly
find the process using the static Process.GetProcesses() or
Process.GetProcessByName() methods, and you can determine the machine it's
running on using the MachineName property of a particular Process instance. From there, I suppose you'd have to have access to the running machine's
Active Directory and find some way to track down process ownership from
there.

If you don't really need to know who the owner is, but just whether YOU own it or not, you can perhaps find some non-destructive method call against a
Process instance that is disallowed for non-owners, and execute it in a try block. I know that Kill() and Close() require that you have ownership, but obviously those wouldn't be methods you'd call to test if you have
ownership. Maybe an attempt to read the Threads collection or something
like that.

Just some random ideas that might suggest an avenue of exporation for you.

--Bob

"Moses M" <Mm*****@msn.com> wrote in message
news:et**************@TK2MSFTNGP11.phx.gbl...
I posted this a short while ago , but I don't think I explained the problem
clearly. Task Manager lists processes running on a local system,

including a
"user name" associated with each process (e.g. SYSTEM). My application
needs to check if a particular process is running, and if so get the
associated "owner". I am really trying to determine the security context

in
which the process was started. Thanks for any input.

-- Moses


Nov 16 '05 #3
Don't feel guilty; sometimes a little backsliding is just what the doctor
ordered.

P/Invoke and COM Interop are designed, in part, to allow you to get on with
your work even in those areas that .NET doesn't have a managed interface
for. For example, the CLR has virtually no implementation for multimedia
APIs, so you have to resort to P/Invoke to do a simple console beep.

If the truth were known, a lot of the CLR methods are just fig leaves over
P/Invoke calls anyway. How do you think they implement file I/O?

--Bob

"Moses M" <Mm*****@msn.com> wrote in message
news:OH**************@TK2MSFTNGP12.phx.gbl...
Thanks Bob. I will keep poking around. A friend suggested I use
OpenProcessToken() which looks to me like "backsliding" into unamaged code! -- Moses
"Bob Grommes" <bo*@bobgrommes.com> wrote in message
news:eC**************@TK2MSFTNGP10.phx.gbl...
Hm. I'm not aware of a way to get the process owner. You can certainly
find the process using the static Process.GetProcesses() or
Process.GetProcessByName() methods, and you can determine the machine it's running on using the MachineName property of a particular Process

instance.
From there, I suppose you'd have to have access to the running machine's
Active Directory and find some way to track down process ownership from
there.

If you don't really need to know who the owner is, but just whether YOU

own
it or not, you can perhaps find some non-destructive method call against a Process instance that is disallowed for non-owners, and execute it in a

try
block. I know that Kill() and Close() require that you have ownership,

but
obviously those wouldn't be methods you'd call to test if you have
ownership. Maybe an attempt to read the Threads collection or something
like that.

Just some random ideas that might suggest an avenue of exporation for you.
--Bob

Nov 16 '05 #4
Hi Moses:

You are on the right track. See some sample C# code here:

http://www.sellsbrothers.com/askthew...curityprin.htm

--
Scott
http://www.OdeToCode.com

On Wed, 23 Jun 2004 15:53:23 -0600, "Moses M" <Mm*****@msn.com> wrote:
Thanks Bob. I will keep poking around. A friend suggested I use
OpenProcessToken() which looks to me like "backsliding" into unamaged code!
-- Moses


Nov 16 '05 #5
Thanks guys for all the input. I got OpenProcessToken() to work OK for a
local system, but it throws an exception for remote systems (says "Feature
is not supported for remote machines"). Severe limitation for my needs.
Grateful for any more suggestions. Meanwhile I will keep searching among the
thorns and thistles!

-- Moses

"Scott Allen" <bitmask@[nospam].fred.net> wrote in message
news:53********************************@4ax.com...
Hi Moses:

You are on the right track. See some sample C# code here:

http://www.sellsbrothers.com/askthew...curityprin.htm
--
Scott
http://www.OdeToCode.com

On Wed, 23 Jun 2004 15:53:23 -0600, "Moses M" <Mm*****@msn.com> wrote:
Thanks Bob. I will keep poking around. A friend suggested I use
OpenProcessToken() which looks to me like "backsliding" into unamaged code!-- Moses

Nov 16 '05 #6
Use System.Management and the Win32_Process class.
Here's a sample...

using System;
using System.Management;
using System.Diagnostics;
class App {
public static void Main() {
GetProcessInfo(Process.GetCurrentProcess().Handle. ToInt32());
}

static void GetProcessInfo(int handle)
{
using(ManagementObject proc = new
ManagementObject("Win32_Process.Handle='" + handle.ToString() + "'"))
{
proc.Get();
string[] s = new String[2];
//Invoke the method and populate the array with the user name and domain
proc.InvokeMethod("GetOwner",(object[])s);
Console.WriteLine("User: " + s[1]+ "\\" + s[0]);
}
}
}

Willy.

"Moses M" <Mm*****@msn.com> wrote in message
news:et**************@TK2MSFTNGP11.phx.gbl...
I posted this a short while ago , but I don't think I explained the problem
clearly. Task Manager lists processes running on a local system, including
a
"user name" associated with each process (e.g. SYSTEM). My application
needs to check if a particular process is running, and if so get the
associated "owner". I am really trying to determine the security context
in
which the process was started. Thanks for any input.

-- Moses

Nov 16 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
by: Rod Kestler | last post by:
After applying the KB Automatic Update #833987 (JPEG Security Issue), our development server suddenly will not allow any IIS 6.0 App Pool running with identity set to ASPNET to run. The Event...
2
by: Moses M | last post by:
I need to get the the user name associated with a running process (Listed as "UserName" in Task Manager Window). The Process Class doesn't seem to provide a direct way for doing this! Thanks --...
3
by: | last post by:
This question references to KB articles: http://support.microsoft.com/default.aspx?scid=kb;EN-US;315158 http://support.microsoft.com/default.aspx?scid=kb;EN-US;317012 I'm running Advanced Server...
7
by: M. Simioni | last post by:
Hi, i'm always auditing ASPNET's account accesses on my webserver, a WIN2K_SP4 + IIS5 + SQLServer2K_SP3a machine. Nearly all the applications work correctly, but i constantly find a message in...
0
by: CESAR DE LA TORRE [MVP] | last post by:
I am using WSE 3.0 with Visual Studio 2005, specifically I'm using Kerberos authentication and passing Kerberos ticket from Presentation Tier (VSTO.2005 client) to Server Tier through our Web...
7
by: Billy Angers | last post by:
My server is running under Windows SBS 2003. I've deleted some directories that was containing Outlook Web Access files, it was done few months ago by mistake. Now I want to use OWA for some...
0
by: robpimentel | last post by:
Hi, I've been using DB2 for about 1 week, so please bear with me. DB2 Connect Enterprise Edition v8.1 FixPack 5 Windows Server 2003 Standard Edition SP1 Here is an error that continues to...
6
by: tsmojver | last post by:
Does anyone know how to retreive the logon account username for a particular windows service? Or the current user that is running this service as a process. C# is the prefered language of choice. ...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.