查找当前用户活动目录组 C++

发布于 2024-09-14 21:58:39 字数 1336 浏览 6 评论 0原文

我将如何查询当前登录用户属于哪个活动目录组?我假设它将通过 LDAP 进行,但我还没有找到很多关于如何获取此特定信息的信息。

我已经整理了一些代码,但我不太确定下一步需要做什么

    // Open the access token associated with the calling process.
if (OpenProcessToken(GetCurrentProcess(),
                     TOKEN_QUERY,
                     &hToken) == FALSE)
{
    dwErrorCode = GetLastError();
    wprintf(L"OpenProcessToken failed. GetLastError returned: %d\n", dwErrorCode);
    return HRESULT_FROM_WIN32(dwErrorCode);
}

// Retrieve the token information in a TOKEN_USER structure.
GetTokenInformation(hToken,
                    TokenUser,      // Request for a TOKEN_USER structure.
                    NULL,
                    0,
                    &dwBufferSize);

pTokenUser = (PTOKEN_USER) new BYTE[dwBufferSize];
memset(pTokenUser, 0, dwBufferSize);
if (GetTokenInformation(hToken,
                        TokenUser,
                        pTokenUser,
                        dwBufferSize,
                        &dwBufferSize))
{
    CloseHandle(hToken);
}
else
{
    dwErrorCode = GetLastError();
    wprintf(L"GetTokenInformation failed. GetLastError returned: %d\n", dwErrorCode);
    return HRESULT_FROM_WIN32(dwErrorCode);
}

if (IsValidSid(pTokenUser->User.Sid) == FALSE)
{
    wprintf(L"The owner SID is invalid.\n");
    delete [] pTokenUser;
}

How would I go about querying what active directory group the currently logged in user belongs to? I am assuming it will be through LDAP but I havnt been able to find much on how to get this particular information.

I have put together some code but im not quite sure what I need to do next

    // Open the access token associated with the calling process.
if (OpenProcessToken(GetCurrentProcess(),
                     TOKEN_QUERY,
                     &hToken) == FALSE)
{
    dwErrorCode = GetLastError();
    wprintf(L"OpenProcessToken failed. GetLastError returned: %d\n", dwErrorCode);
    return HRESULT_FROM_WIN32(dwErrorCode);
}

// Retrieve the token information in a TOKEN_USER structure.
GetTokenInformation(hToken,
                    TokenUser,      // Request for a TOKEN_USER structure.
                    NULL,
                    0,
                    &dwBufferSize);

pTokenUser = (PTOKEN_USER) new BYTE[dwBufferSize];
memset(pTokenUser, 0, dwBufferSize);
if (GetTokenInformation(hToken,
                        TokenUser,
                        pTokenUser,
                        dwBufferSize,
                        &dwBufferSize))
{
    CloseHandle(hToken);
}
else
{
    dwErrorCode = GetLastError();
    wprintf(L"GetTokenInformation failed. GetLastError returned: %d\n", dwErrorCode);
    return HRESULT_FROM_WIN32(dwErrorCode);
}

if (IsValidSid(pTokenUser->User.Sid) == FALSE)
{
    wprintf(L"The owner SID is invalid.\n");
    delete [] pTokenUser;
}

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

ら栖息 2024-09-21 21:58:39

在您的特定情况下,我认为您可以不进行任何 LDAP 调用。这里有一个建议:

  • 使用 GetCurrentProcessIdOpenProcess 获取当前进程的句柄,
  • 在该句柄上调用 OpenProcessToken 以打开与该进程关联的访问令牌当前进程
  • 对该访问令牌调用 GetTokenInformation,令牌信息类为 TokenGroups
  • 生成的 TOKEN_GROUPS 结构包含一个包含 SID 和属性的列表访问令牌中的所有组
  • 对列表中每个组的 SID 调用 LookupAccountSid 来获取其名称

MSDN 应该提供有关上述调用的更详细信息。

In your particular case I think you can do without any LDAP calls. Here's a suggestion:

  • use GetCurrentProcessId and OpenProcess to get a handle to the current process
  • call OpenProcessToken on that handle to open the access token associated with the current process
  • call GetTokenInformation on that access token, with a token information class of TokenGroups
  • the resulting TOKEN_GROUPS structure contains a list with the SIDs and attributes of all the groups in the access token
  • call LookupAccountSid on the SID of each group in the list to obtain its name

MSDN should provide more detailed information about the calls mentioned above.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文