How to detect user context

TheMSsForum.com: The Microsoft Software Forum

An application can request my driver for some service. I want to know the
user name and other informations (sid etc).

--
Sincerely,
Maruf Maniruzzaman,
Software Engineer,
KAZ Software Limited,
Dhaka, Bangladesh.
http://kaz.com.bd
http://kuashaonline.com

This posting is provided "AS IS", and confers no rights.
Top

Re: How to detect user context by Ivan

Ivan
Wed Aug 29 02:45:22 CDT 2007

After you have understood all of the limitations of codes
that runs (actually, cannot run) in an arbitrary process context,
you can start looking at:
SeCaptureSubjectContext
SeQuerySubjectContextToken
SeQueryInformationToken

--

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


"Maruf Maniruzzaman" <MarufManiruzzaman@discussions.microsoft.com> wrote in
message news:4C9E33B8-23EF-4283-8AEC-7A8DA7E56A13@microsoft.com...
> An application can request my driver for some service. I want to know the
> user name and other informations (sid etc).
>
> --
> Sincerely,
> Maruf Maniruzzaman,
> Software Engineer,
> KAZ Software Limited,
> Dhaka, Bangladesh.
> http://kaz.com.bd
> http://kuashaonline.com
>
> This posting is provided "AS IS", and confers no rights.
>


Top

Re: How to detect user context by Maxim

Maxim
Wed Aug 29 05:37:57 CDT 2007

->Parameters.Create.SecurityContext in the MJ_CREATE path when the driver
is being opened. You cannot see user name, you can only see the SID.

I would suggest to to never ever use user names in the kernel, use SIDs
itself.

The thing is that, also the newer Windows version have the kernel-mode
equivalent of LookupAccountName/Sid, these functions are definitely inverted
calls to LSA or some other user mode service, and the user mode functions
sometimes _require an RPC query to the domain controller_.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim@storagecraft.com
http://www.storagecraft.com

"Maruf Maniruzzaman" <MarufManiruzzaman@discussions.microsoft.com> wrote in
message news:4C9E33B8-23EF-4283-8AEC-7A8DA7E56A13@microsoft.com...
> An application can request my driver for some service. I want to know the
> user name and other informations (sid etc).
>
> --
> Sincerely,
> Maruf Maniruzzaman,
> Software Engineer,
> KAZ Software Limited,
> Dhaka, Bangladesh.
> http://kaz.com.bd
> http://kuashaonline.com
>
> This posting is provided "AS IS", and confers no rights.
>

Top