Retrieves the user and domain name for the specified process
#include <WinAPIProc.au3>
_WinAPI_GetProcessUser ( [$iPID = 0] )
$iPID | [optional] [optional] The PID of the process. Default (0) is the current process. |
Success: | The array that contains the following information: [0] - The user (account) name. [1] - The domain name. |
Failure: | Sets the @error flag to non-zero. |
Using this function for some processes may require full access rights. Use _WinAPI_AdjustTokenPrivileges()
function to enable $SE_DEBUG_NAME privilege before calling this function.
#RequireAdmin
#include <Array.au3>
#include <WinAPIHObj.au3>
#include <WinAPIProc.au3>
Local $aAdjust, $aList = 0
; Enable "SeDebugPrivilege" privilege for obtain full access rights to another processes
Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
_WinAPI_AdjustTokenPrivileges($hToken, $SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED, $aAdjust)
; Retrieve user names for all processes the system
If Not (@error Or @extended) Then
$aList = ProcessList()
Local $aData
For $i = 1 To $aList[0][0]
$aData = _WinAPI_GetProcessUser($aList[$i][1])
If IsArray($aData) Then
$aList[$i][1] = $aData[0]
Else
$aList[$i][1] = ''
EndIf
Next
EndIf
; Enable SeDebugPrivilege privilege by default
_WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
_WinAPI_CloseHandle($hToken)
_ArrayDisplay($aList, '_WinAPI_GetProcessUser')