Rev 68 | Rev 82 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
68 | daniel-mar | 1 | (******************************************************************************) |
2 | (* SPGetSid - Retrieve the current user's SID in text format *) |
||
3 | (* *) |
||
4 | (* Copyright (c) 2004 Shorter Path Software *) |
||
5 | (* http://www.shorterpath.com *) |
||
6 | (******************************************************************************) |
||
7 | |||
8 | |||
9 | { |
||
10 | SID is a data structure of variable length that identifies user, group, |
||
11 | and computer accounts. |
||
12 | Every account on a network is issued a unique SID when the account is first created. |
||
13 | Internal processes in Windows refer to an account's SID |
||
14 | rather than the account's user or group name. |
||
15 | } |
||
16 | |||
17 | |||
18 | unit SPGetSid; |
||
19 | |||
20 | interface |
||
21 | |||
22 | uses |
||
23 | Windows, SysUtils; |
||
24 | |||
25 | function GetCurrentUserSid: string; |
||
26 | |||
27 | implementation |
||
28 | |||
29 | const |
||
30 | HEAP_ZERO_MEMORY = $00000008; |
||
31 | SID_REVISION = 1; // Current revision level |
||
32 | |||
33 | type |
||
34 | PTokenUser = ^TTokenUser; |
||
35 | TTokenUser = packed record |
||
36 | User: TSidAndAttributes; |
||
37 | end; |
||
38 | |||
39 | function ConvertSid(Sid: PSID; pszSidText: PChar; var dwBufferLen: DWORD): BOOL; |
||
40 | var |
||
41 | psia: PSIDIdentifierAuthority; |
||
42 | dwSubAuthorities: DWORD; |
||
43 | dwSidRev: DWORD; |
||
44 | dwCounter: DWORD; |
||
45 | dwSidSize: DWORD; |
||
46 | begin |
||
47 | Result := False; |
||
48 | |||
49 | dwSidRev := SID_REVISION; |
||
50 | |||
51 | if not IsValidSid(Sid) then Exit; |
||
52 | |||
53 | psia := GetSidIdentifierAuthority(Sid); |
||
54 | |||
55 | dwSubAuthorities := GetSidSubAuthorityCount(Sid)^; |
||
56 | |||
57 | dwSidSize := (15 + 12 + (12 * dwSubAuthorities) + 1) * SizeOf(Char); |
||
58 | |||
59 | if (dwBufferLen < dwSidSize) then |
||
60 | begin |
||
61 | dwBufferLen := dwSidSize; |
||
62 | SetLastError(ERROR_INSUFFICIENT_BUFFER); |
||
63 | Exit; |
||
64 | end; |
||
65 | |||
66 | StrFmt(pszSidText, 'S-%u-', [dwSidRev]); |
||
67 | |||
68 | if (psia.Value[0] <> 0) or (psia.Value[1] <> 0) then |
||
69 | StrFmt(pszSidText + StrLen(pszSidText), |
||
70 | '0x%.2x%.2x%.2x%.2x%.2x%.2x', |
||
71 | [psia.Value[0], psia.Value[1], psia.Value[2], |
||
72 | psia.Value[3], psia.Value[4], psia.Value[5]]) |
||
73 | else |
||
74 | StrFmt(pszSidText + StrLen(pszSidText), |
||
75 | '%u', |
||
76 | [DWORD(psia.Value[5]) + |
||
77 | DWORD(psia.Value[4] shl 8) + |
||
78 | DWORD(psia.Value[3] shl 16) + |
||
79 | DWORD(psia.Value[2] shl 24)]); |
||
80 | |||
81 | dwSidSize := StrLen(pszSidText); |
||
82 | |||
83 | for dwCounter := 0 to dwSubAuthorities - 1 do |
||
84 | begin |
||
85 | StrFmt(pszSidText + dwSidSize, '-%u', |
||
86 | [GetSidSubAuthority(Sid, dwCounter)^]); |
||
87 | dwSidSize := StrLen(pszSidText); |
||
88 | end; |
||
89 | |||
90 | Result := True; |
||
91 | end; |
||
92 | |||
81 | daniel-mar | 93 | function ObtainTextSid(hToken: THandle; pszSid: PChar; var dwBufferLen: DWORD): BOOL; |
68 | daniel-mar | 94 | var |
95 | dwReturnLength: DWORD; |
||
96 | dwTokenUserLength: DWORD; |
||
97 | tic: TTokenInformationClass; |
||
98 | ptu: Pointer; |
||
99 | begin |
||
100 | Result := False; |
||
101 | dwReturnLength := 0; |
||
102 | dwTokenUserLength := 0; |
||
103 | tic := TokenUser; |
||
104 | ptu := nil; |
||
105 | |||
106 | if not GetTokenInformation(hToken, tic, ptu, dwTokenUserLength, |
||
107 | dwReturnLength) then |
||
108 | begin |
||
109 | if GetLastError = ERROR_INSUFFICIENT_BUFFER then |
||
110 | begin |
||
111 | ptu := HeapAlloc(GetProcessHeap, HEAP_ZERO_MEMORY, dwReturnLength); |
||
112 | if ptu = nil then Exit; |
||
113 | dwTokenUserLength := dwReturnLength; |
||
114 | dwReturnLength := 0; |
||
115 | |||
116 | if not GetTokenInformation(hToken, tic, ptu, dwTokenUserLength, |
||
117 | dwReturnLength) then Exit; |
||
118 | end |
||
119 | else |
||
120 | Exit; |
||
121 | end; |
||
122 | |||
123 | if not ConvertSid((PTokenUser(ptu).User).Sid, pszSid, dwBufferLen) then Exit; |
||
124 | |||
125 | if not HeapFree(GetProcessHeap, 0, ptu) then Exit; |
||
126 | |||
127 | Result := True; |
||
128 | end; |
||
129 | |||
130 | function GetCurrentUserSid: string; |
||
131 | var |
||
132 | hAccessToken: THandle; |
||
133 | bSuccess: BOOL; |
||
134 | dwBufferLen: DWORD; |
||
81 | daniel-mar | 135 | szSid: array[0..MAX_PATH] of Char; |
68 | daniel-mar | 136 | begin |
137 | Result := ''; |
||
138 | |||
139 | bSuccess := OpenThreadToken(GetCurrentThread, TOKEN_QUERY, True, |
||
140 | hAccessToken); |
||
141 | if not bSuccess then |
||
142 | begin |
||
143 | if GetLastError = ERROR_NO_TOKEN then |
||
144 | bSuccess := OpenProcessToken(GetCurrentProcess, TOKEN_QUERY, |
||
145 | hAccessToken); |
||
146 | end; |
||
147 | if bSuccess then |
||
148 | begin |
||
149 | ZeroMemory(@szSid, SizeOf(szSid)); |
||
150 | dwBufferLen := SizeOf(szSid); |
||
151 | |||
152 | if ObtainTextSid(hAccessToken, szSid, dwBufferLen) then |
||
153 | Result := szSid; |
||
154 | CloseHandle(hAccessToken); |
||
155 | end; |
||
156 | end; |
||
157 | |||
158 | end. |