Smalltalk Usenets Dolphin Smalltalk

Current SID

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
John Keenan
Reply | Threaded
Open this post in threaded view
|

Current SID

John Keenan
The Windows method ReportEvent is implemented in Dolphin method
AdvApiLibrary>>reportEvent: wType: wCategory: dwEventId:  lpUserSid:
wNumStrings: dwDataSize:  lpStrings: lpRawData:. This method writes an event
which can be viewed with Event Viewer (Eventvwr.exe).

I would like to supply an argument to lpUserSid: which is the Sid of whoever
owns the currently executing process. I have searched high and low through
MSDN and this seems to be a very difficult task.

Does someone know a simple means to get the current Sid?

John Keenan


Blair McGlashan
Reply | Threaded
Open this post in threaded view
|

Re: Current SID

Blair McGlashan
John

You wrote in message
news:[hidden email]...
> ...
> Does someone know a simple means to get the current Sid?

The attached may do what you want, but I will freely admit that NT security
is something of which I am blissfully ignorant.

Otherwise NULL can be passed to ReportEvent in place of the SID.

Regards

Blair

------------------------------------------
| package |
package := Package name: 'Get Process SID'.
package paxVersion: 0;
 basicComment: 'UserLibrary default getProcessSID'.

package basicPackageVersion: ''.

"Add the package scripts"

"Add the class names, loose method names, global names, resource names"
package classNames
 yourself.

package methodNames
 add: #UserLibrary -> #getProcessSID;
 add: #UserLibrary -> #getProcessWindowStation;
 add: #UserLibrary ->
#getUserObjectInformation:nIndex:pvInfo:nLength:lpnLengthNeeded:;
 yourself.

package globalNames
 yourself.

package resourceNames
 yourself.

"Binary Global Names"
package binaryGlobalNames: (Set new
 yourself).
"Resource Names"
package allResourceNames: (Set new
 yourself).

"Add the prerequisite names"
package setPrerequisites: (IdentitySet new
 add: 'Dolphin';
 yourself).

package!

"Class Definitions"!

"Loose Methods"!

!UserLibrary methodsFor!

getProcessSID
 "Answer the SID for the current process."

 | len sid |
 len := DWORD new.
 UserLibrary default
  getUserObjectInformation: UserLibrary default getProcessWindowStation
  nIndex: 4 "UOI_USER_SID"
  pvInfo: nil
  nLength: 0
  lpnLengthNeeded: len.
 sid := ByteArray new: len asInteger.
 UserLibrary default
  getUserObjectInformation: UserLibrary default getProcessWindowStation
  nIndex: 4 "UOI_USER_SID"
  pvInfo: sid
  nLength: len asInteger
  lpnLengthNeeded: len.
 ^sid!

getProcessWindowStation
 "HWINSTA GetProcessWindowStation(VOID);"

 <stdcall: handle GetProcessWindowStation>
 ^self invalidCall
!

getUserObjectInformation: hObj nIndex: nIndex pvInfo: pvInfo nLength:
nLength lpnLengthNeeded: lpnLengthNeeded
 "BOOL GetUserObjectInformation( HANDLE hObj <>, // handle to object int
nIndex <>, // type of information to retrieve PVOID pvInfo <>, //
information buffer DWORD nLength <>, // size of the buffer LPDWORD
lpnLengthNeeded <> // receives required buffer size );"

 <stdcall: bool GetUserObjectInformationA handle sdword void* dword dword*>
 ^self invalidCall
! !
!UserLibrary categoriesFor: #getProcessSID!*-unclassified!public! !
!UserLibrary categoriesFor:
#getProcessWindowStation!*-primitives!*-unclassified!public! !
!UserLibrary categoriesFor:
#getUserObjectInformation:nIndex:pvInfo:nLength:lpnLengthNeeded:!*-primitive
s!*-unclassified!public! !

"End of package definition"!


"Binary Globals"!

"Resources"!


John Keenan
Reply | Threaded
Open this post in threaded view
|

Re: Current SID

John Keenan
Blair,

"Blair McGlashan" <[hidden email]> wrote:
> The attached may do what you want, but I will freely admit that NT
security
> is something of which I am blissfully ignorant.
>
> Otherwise NULL can be passed to ReportEvent in place of the SID.

Your example did the trick.

I was aware that NULL could be passed to ReportEvents in place of the SID.
However, when the SID is NULL the "User:" field displayed by the Event
Viewer is "N/A" (one would think ReportEvents could do better than "N/A"
when the argument is NULL). With your example I now have the "User:" field
properly populated... and what a surprise. I was expecting "Administrator",
"Guest", etc. to appear depending on how I was logged on. Instead it is
populated with "S-1-5-5-0-20714". I see several examples of this in the MSDN
and will now try to figure out what it means.

Many thanks... and congratulations on your new addition.

John Keenan


Free forum by Nabble Edit this page