tunaym Posted February 26, 2015 (edited)

Running my script on 2012 R2. I need to use ProcessExists for a specific user. I have a script that runs in the background that detects if a process has been closed. ProcessExists looks at all the users running that process. Is there any way of looking at a user's process instead?

Regards

Edited February 26, 2015 by tunaym

l3ill Posted February 26, 2015

```autoit
#include <WinAPIProc.au3>
_WinAPI_GetProcessUser ( [$iPID = 0] )
```

Personally never used it but it looks like it is what you're looking for....

iamtheky Posted February 26, 2015

WMI style

```autoit
; Semi-synchronous, forward-only enumeration of the result set
$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

$Output=""
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2")
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process", "WQL", _
        $wbemFlagReturnImmediately + $wbemFlagForwardOnly)

If IsObj($colItems) then
    For $objItem In $colItems
        local $name
        ; GetOwner fills $name with the owning account's user name (domain not requested)
        $objItem.GetOwner($name)
        If $name = @UserName Then
            $Output = $Output & "ProcessName: " & $objItem.Name & @CRLF
            $Output = $Output & "Owner: " & $name & @CRLF
            ; Cancel (return value 2) stops the enumeration
            If Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
            $Output=""
        EndIf
    Next
Else
    Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Process" )
Endif
```

kylomas Posted February 26, 2015

tunaym,

Look in the Help file for _WinAPI_GetProcessUser (as Bill said). There is a ready made example, including setting security.

kylomas

tunaym Posted February 27, 2015 (Author)

Thanks for your help guys. This is what I needed, just need to figure out how it works and implement it into my script.

kylomas Posted February 27, 2015

tunaym,

You could turn it into a function that returns an array...

```autoit
#RequireAdmin
#include <Array.au3>
#include <WinAPI.au3>
#include <WinAPIProc.au3>

;_arraydisplay( _GetProcess_Users('admin010|nancy') )
;_arraydisplay( _GetProcess_Users('nancy') )
_arraydisplay( _GetProcess_Users() )

func _GetProcess_Users($Users = '*', $sDelimiter = '|')

    ; flag 3 = split on the entire delimiter string, no count in element [0]
    Local $aUsers = stringsplit($Users, $sDelimiter, 3)

    ; Enable "SeDebugPrivilege" privilege to obtain full access rights to another process
    ; old privilege settings are stored in $aAdjust to restore when finished
    Local $aAdjust, $aList = 0
    Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
    _WinAPI_AdjustTokenPrivileges($hToken, $SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED, $aAdjust)
    If @error Or @extended Then exit msgbox(0,'Error','Error adjusting privileges')

    ; Retrieve user names for all processes of the system
    ; filter return array by Users
    $aList = ProcessList()
    Local $aData
    For $i = $aList[0][0] to 1 step -1
        $aData = _WinAPI_GetProcessUser($aList[$i][1])
        ; owner could not be read: drop the row
        If not IsArray($aData) Then
            _arraydelete($aList, $i)
            ContinueLoop
        endif
        if $aUsers[0] = '*' then
            $aList[$i][1] = 'All'
            ContinueLoop
        endif
        ; replace the PID column with the matching user name
        for $j = 0 to UBound($aUsers) - 1
            if $aData[0] = $aUsers[$j] then
                $aList[$i][1] = $aUsers[$j]
            EndIf
        next
        ; column still holds a PID, so no requested user owns this process
        if stringisdigit($aList[$i][1]) then _arraydelete($aList, $i)
    Next

    ; Restore old privilege settings
    _WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
    _WinAPI_CloseHandle($hToken)
    _arraydelete($aList, 0)
    return $aList
endfunc
```

This is just an example. You may want to strengthen the error checking.

kylomas

tunaym Posted March 5, 2015 (Author) (edited)

Hi þヨⓡᅷ∈℃⊥

Thanks for all your replies. þヨⓡᅷ∈℃⊥ that's what I'm looking for. Just one question. I can't figure out how to limit the search for only one process, i.e. ("taskmgr.exe"). Once I have figured that out then I can change the output to call a function if it can't find the process running on that user.

Regards

Edited March 5, 2015 by tunaym

iamtheky Posted March 5, 2015

```autoit
;--- set process and username to look for
;~ $sProcess = "smss.exe"
$sProcess = "notepad.exe"
$User = @UserName
;---------------------

$wbemFlagReturnImmediately = 0x10
$wbemFlagForwardOnly = 0x20
$colItems = ""
$strComputer = "localhost"

$Output=""
$objWMIService = ObjGet("winmgmts:\\" & $strComputer & "\root\cimv2")
; Filter by image name in the query itself ($sProcess is inserted into the WQL text unescaped)
$colItems = $objWMIService.ExecQuery("SELECT * FROM Win32_Process WHERE Name = " & '"' & $sProcess & '"', "WQL", _
        $wbemFlagReturnImmediately + $wbemFlagForwardOnly)
;Where Name = " & $sProcess

If IsObj($colItems) then
    For $objItem In $colItems
        local $username
        ; GetOwner fills $username with the owning account's user name (domain not requested)
        $objItem.GetOwner($username)
        If $User = $username Then
            $Output = $Output & "ProcessName: " & $objItem.Name & @CRLF
            $Output = $Output & "Owner: " & $username & @CRLF
            If Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
            $Output=""
        Else
            $Output = $Output & "Process was found, but it has a different owner"
            If Msgbox(1,"WMI Output",$Output) = 2 then ExitLoop
            $Output=""
        EndIf
    Next
Else
    Msgbox(0,"WMI Output","No WMI Objects Found for class: " & "Win32_Process" )
Endif
```

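An added example (not code from any poster in this thread) that narrows the `_WinAPI_GetProcessUser` approach to one process name and returns a PID instead of showing a message box. It also compares the domain, which the snippets above do not, so a local and a domain account with the same name are not confused. `_ProcessExistsForUser` and `_OnProcessClosed` are hypothetical names, and using `@LogonDomain` as the expected domain is an assumption.

```autoit
#include <WinAPIProc.au3>

; Constructed usage: wait until taskmgr.exe is no longer running for the
; logged-on user, then call the handler once.
Local $iPID
While 1
    $iPID = _ProcessExistsForUser("taskmgr.exe", @UserName, @LogonDomain)
    ; @extended > 0 means some instance's owner could not be read, so
    ; "not found" is not conclusive yet and we keep polling.
    If $iPID = 0 And @extended = 0 Then ExitLoop
    Sleep(2000)
WEnd
_OnProcessClosed()

; Returns the PID of the first $sProcess instance owned by $sUser
; (and $sDomain, when given), or 0 if there is none.
; @extended = number of instances whose owner could not be determined.
Func _ProcessExistsForUser($sProcess, $sUser = @UserName, $sDomain = "")
    Local $aList = ProcessList($sProcess) ; only instances of this image name
    If @error Then Return SetError(1, 0, 0)

    Local $aOwner, $iUnknown = 0
    For $i = 1 To $aList[0][0]
        ; [0] = user name, [1] = domain name; fails without access to the process
        $aOwner = _WinAPI_GetProcessUser($aList[$i][1])
        If @error Or Not IsArray($aOwner) Then
            $iUnknown += 1 ; unreadable owner is never treated as a match
            ContinueLoop
        EndIf
        ; String comparison with = and <> is case-insensitive in AutoIt,
        ; which matches how Windows treats account names.
        If $aOwner[0] <> $sUser Then ContinueLoop
        If $sDomain <> "" And $aOwner[1] <> $sDomain Then ContinueLoop
        Return SetExtended($iUnknown, $aList[$i][1])
    Next
    Return SetError(0, $iUnknown, 0)
EndFunc

Func _OnProcessClosed() ; hypothetical handler, replace with your own action
    ConsoleWrite("taskmgr.exe is not running for " & @UserName & @CRLF)
EndFunc
```

If owners of processes in other sessions must be resolved, the script needs the elevation and SeDebugPrivilege handling shown in kylomas's post; without it those instances are only counted in `@extended`.
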
tunaym Posted March 5, 2015 (Author)

That is exactly what I'm looking for. Thank you, much appreciated.