问题
I'm trying to understand better how Windows sessions work, so if I have some weird mistakes in the question, please, let me know.
I use LsaEnumerateLogonSessions() to get all the logged on sessions in the system.
Now I have LUID that represents a log-on, and if I understand correctly, it represents a user that logged on or a build it user like SYSTEM.
Now, if user X starts a process, Windows gives that process a token that represents X.
Is there a way (in a Windows service) to get the user's token from LUID? I know I can get it from a process HANDLE, but that is not what I want.
回答1:
You can use LsaGetLogonSessionData to get the session id and then use WTSQueryUserToken to get the token from that. Note that you may need to run as LocalSystem for WTSQueryUserToken (see "How can I get the current user token for the physical session?" regarding that).
来源:https://stackoverflow.com/questions/4534031/get-usertoken-from-logon-id-luid-c