Function Reference

_WinAPI_GetProcessUser

Retrieves the user and domain name for the specified process

#include <WinAPIProc.au3>
_WinAPI_GetProcessUser ( [$iPID = 0] )

Parameters

$iPID [optional] [optional] The PID of the process. Default (0) is the current process.

Return Value

Success: The array that contains the following information:
[0] - The user (account) name.
[1] - The domain name.
Failure: Sets the @error flag to non-zero.

Remarks

Using this function for some processes may require full access rights. Use _WinAPI_AdjustTokenPrivileges()
function to enable $SE_DEBUG_NAME privilege before calling this function.

Related

_WinAPI_AdjustTokenPrivileges

Example

#RequireAdmin

#include <Array.au3>
#include <WinAPIHObj.au3>
#include <WinAPIProc.au3>

Local $aAdjust, $aList = 0

; Enable "SeDebugPrivilege" privilege for obtain full access rights to another processes
Local $hToken = _WinAPI_OpenProcessToken(BitOR($TOKEN_ADJUST_PRIVILEGES, $TOKEN_QUERY))
_WinAPI_AdjustTokenPrivileges($hToken, $SE_DEBUG_NAME, $SE_PRIVILEGE_ENABLED, $aAdjust)

; Retrieve user names for all processes the system
If Not (@error Or @extended) Then
        $aList = ProcessList()
        Local $aData
        For $i = 1 To $aList[0][0]
                $aData = _WinAPI_GetProcessUser($aList[$i][1])
                If IsArray($aData) Then
                        $aList[$i][1] = $aData[0]
                Else
                        $aList[$i][1] = ''
                EndIf
        Next
EndIf

; Enable SeDebugPrivilege privilege by default
_WinAPI_AdjustTokenPrivileges($hToken, $aAdjust, 0, $aAdjust)
_WinAPI_CloseHandle($hToken)

_ArrayDisplay($aList, '_WinAPI_GetProcessUser')