首页 > Linux操作系统 > Linux操作系统 > .net读取Windows登录用户信息(downmoon)


原创 Linux操作系统 作者:iDotNetSpace 时间:2009-01-04 15:53:59 0 删除 编辑

如何读取windows 当前登录用户的状态信息。



        /**//* The following Interop code should be placed in a sealed internal NativeMethod class
         * but has been left here to simplify the example.

        [DllImport("secur32.dll", SetLastError = false)]
        private static extern uint LsaFreeReturnBuffer(IntPtr buffer);

        [DllImport("Secur32.dll", SetLastError = false)]
        private static extern uint LsaEnumerateLogonSessions(out UInt64 LogonSessionCount, out IntPtr LogonSessionList);

        [DllImport("Secur32.dll", SetLastError = false)]
        private static extern uint LsaGetLogonSessionData(IntPtr luid, out IntPtr ppLogonSessionData);

        private struct LSA_UNICODE_STRING
            public UInt16 Length;
            public UInt16 MaximumLength;
            public IntPtr buffer;

        private struct LUID
            public UInt32 LowPart;
            public UInt32 HighPart;

        private struct SECURITY_LOGON_SESSION_DATA
            public UInt32 Size;
            public LUID LoginID;
            public LSA_UNICODE_STRING Username;
            public LSA_UNICODE_STRING LoginDomain;
            public LSA_UNICODE_STRING AuthenticationPackage;
            public UInt32 LogonType;
            public UInt32 Session;
            public IntPtr PSiD;
            public UInt64 LoginTime;
            public LSA_UNICODE_STRING LogonServer;
            public LSA_UNICODE_STRING DnsDomainName;
            public LSA_UNICODE_STRING Upn;

        private enum SECURITY_LOGON_TYPE : uint
            Interactive = 2,    //The security principal is logging on interactively.
            Network,            //The security principal is logging using a network.
            Batch,              //The logon is for a batch process.
            Service,            //The logon is for a service account.
            Proxy,              //Not supported.
            Unlock,             //The logon is an attempt to unlock a workstation.
            NetworkCleartext,   //The logon is a network logon with cleartext credentials.
            NewCredentials,     // Allows the caller to clone its current token and specify new credentials for outbound connections. The new logon session has the same local identity but uses different credentials for other network connections.
            RemoteInteractive,  // A terminal server session that is both remote and interactive.
            CachedInteractive, // Attempt to use the cached credentials without going out across the network.
            CachedRemoteInteractive, // Same as RemoteInteractive, except used internally for auditing purposes.
            CachedUnlock          // The logon is an attempt to unlock a workstation.




 public void PopulateListbox()
            System.Security.Principal.WindowsIdentity currentUser = System.Security.Principal.WindowsIdentity.GetCurrent();

            DateTime systime = new DateTime(1601, 1, 1, 0, 0, 0, 0); //win32 systemdate

            UInt64 count;
            IntPtr luidPtr = IntPtr.Zero;
            LsaEnumerateLogonSessions(out count, out luidPtr);  //gets an array of pointers to LUIDs

            IntPtr iter = luidPtr;      //set the pointer to the start of the array

            for (ulong i = 0; i < count; i++)   //for each pointer in the array
                IntPtr sessionData;

                LsaGetLogonSessionData(iter, out sessionData);

                //if we have a valid logon
                if (data.PSiD != IntPtr.Zero)
                    //get the security identifier for further use
                    System.Security.Principal.SecurityIdentifier sid = new System.Security.Principal.SecurityIdentifier(data.PSiD);
                    //extract some useful information from the session data struct
                    string username = Marshal.PtrToStringUni(data.Username.buffer).Trim();          //get the account username
                    string domain =  Marshal.PtrToStringUni(data.LoginDomain.buffer).Trim();        //domain for this account 
                    string authpackage = Marshal.PtrToStringUni(data.AuthenticationPackage.buffer).Trim();    //authentication package
                    SECURITY_LOGON_TYPE secType = (SECURITY_LOGON_TYPE)data.LogonType;
                    DateTime time = systime.AddTicks((long)data.LoginTime);                              //get the datetime the session was logged in

                    listBox1.Items.Add("User: " + username + " *** Domain: " + domain + " *** Login Type: (" + data.LogonType + ") " + secType.ToString() +" *** Login Time: "+time.ToLocalTime().ToString());
                iter = (IntPtr)((int)iter + Marshal.SizeOf(typeof(LUID)));  //move the pointer forward
                LsaFreeReturnBuffer(sessionData);   //free the SECURITY_LOGON_SESSION_DATA memory in the struct
            LsaFreeReturnBuffer(luidPtr);   //free the array of LUIDs


来自 “ ITPUB博客 ” ,链接:,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录


  • 博文量
  • 访问量