可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
I am trying to get the current's user last logon. I might be this current session or it might be one before that.
I am calling GetUserName() to get the current username. I feed that into NetUserGetInfo() to try to get the last logon time. All this fails with error 2221 (user not found). When I tried with "administrator" it works. Even when I hardcode my username it returns a 2221. This is what I am using:
nStatus = NetUserGetInfo(NULL, L"administrator", dwLevel, (LPBYTE *) & pBuf);
How can you get the current user's last logon time?
thank you, code is always welcomed.
Here's the full code I am currently using:
DWORD dwLevel = 2; NET_API_STATUS nStatus; LPTSTR sStringSid = NULL; LPUSER_INFO_0 pBuf = NULL; LPUSER_INFO_2 pBuf2 = NULL; WCHAR UserName[256]; DWORD nUserName = sizeof(UserName); if(GetUserName(UserName, &nUserName)) { printf("information for %ls\n", UserName); nStatus = NetUserGetInfo(NULL, UserName, dwLevel, (LPBYTE *) & pBuf); if (nStatus == NERR_Success) { pBuf2 = (LPUSER_INFO_2) pBuf; printf("\tUser account name: %ls\n", pBuf2->usri2_name); printf("\tLast logon (seconds since January 1, 1970 GMT): %d\n", pBuf2->usri2_last_logon); printf("\tLast logoff (seconds since January 1, 1970 GMT): %d\n", pBuf2->usri2_last_logoff); } else fprintf(stderr, "NetUserGetinfo failed with error: %d\n", nStatus); if (pBuf != NULL) NetApiBufferFree(pBuf); }
回答1:
You can try to use other level as 2 for example 11.
You can aslo try LsaGetLogonSessionData (see http://msdn.microsoft.com/en-us/library/aa378290.aspx). The struct SECURITY_LOGON_SESSION_DATA has a lot of information which can be helpful for you. The LUID (the first parameter of LsaGetLogonSessionData) you can get from GetTokenInformation with TokenStatistics and get AuthenticationId field of the TOKEN_STATISTICS struct.
UPDATED: I read more carefully your code and I see now your main error. Function NetUserGetInfo is very old. It exists in the time before Windows NT 3.1. The group of functions which Microsoft named now "Network Management" has the name "LAN Manager API". All the functions were introduced in the time where no local login exists. So you can use NetUserGetInfo with NULL as the first parameter only on a domain controller. So in the case that you login with the domain account you should call NetGetDCName, NetGetAnyDCName or better DsGetDcName to get the name of a domain controller and use this name (started with two backslashes) as the first parameter of NetUserGetInfo. If you login with a local workstation account your program should work, but the account seems me must be UNICODE string like L"Administrator" and not "Administrator". By the way if I login locally on my Windows 7 64-bit computer your program work without any problem. The code
nStatus = NetUserGetInfo(NULL, L"administrator", dwLevel, (LPBYTE *) & pBuf);
works also.
I repeat then in my opinion the best way to get user's last logon is the usage of LSA (Local Security Authority) API like LsaGetLogonSessionData. How promised I wrote for you a code example which shows how to use LsaGetLogonSessionData in C:
#include #include #include #include #include //#include #include #include #pragma comment (lib, "Secur32.lib") #pragma comment (lib, "strsafe.lib") // The following constant may be defined by including NtStatus.h. #ifndef STATUS_SUCCESS #define STATUS_SUCCESS ((NTSTATUS)0x00000000L) #endif // The LSA authentication functions are available in Unicode only. BOOL GetLogonLUID (LUID *pLuid) { BOOL bSuccess; HANDLE hThread = NULL; DWORD cbReturnLength; TOKEN_STATISTICS ts; __try { bSuccess = OpenProcessToken (GetCurrentProcess(), TOKEN_QUERY, &hThread); // TOKEN_QUERY_SOURCE if (!bSuccess) __leave; cbReturnLength = sizeof(TOKEN_STATISTICS); bSuccess = GetTokenInformation (hThread, TokenStatistics, &ts, sizeof(TOKEN_STATISTICS), &cbReturnLength); if (bSuccess) *pLuid = ts.AuthenticationId; } __finally { if (hThread) CloseHandle (hThread); } return bSuccess; }
翻译