Discussion:
Determining the user name of a named pipe requester.
(too old to reply)
Eno
2010-05-21 05:58:22 UTC
Permalink
Hello,

I have an application that runs as a number of Microsoft Windows
services. One service is designed to accept a connection, via a named
pipe (server-side), and to execute a command issued over the named
pipe, by a user.

This design has worked well for many years now.

I now have a requirement to provide some kind of audit information.
For example, what command was requested, at what date and time, and by
whom?

I have been reading about various access tokens etc, and also about
the ImpersonateNamedPipeClient function etc. I'm still not clear I can
do what I need to do.

Essentially, is there a way to determine the Windows user name of a
named-pipe requester? In other words, when the server service notices
that the client software has connected to the pipe, the server program
will read the command from the pipe - is there a way I can find out
who is requesting that command?

Thanks for any help.
Tom Handal
2010-05-22 06:34:27 UTC
Permalink
Post by Eno
Hello,
I have an application that runs as a number of Microsoft Windows
services. One service is designed to accept a connection, via a named
pipe (server-side), and to execute a command issued over the named
pipe, by a user.
This design has worked well for many years now.
I now have a requirement to provide some kind of audit information.
For example, what command was requested, at what date and time, and by
whom?
I have been reading about various access tokens etc, and also about
the ImpersonateNamedPipeClient function etc. I'm still not clear I can
do what I need to do.
Essentially, is there a way to determine the Windows user name of a
named-pipe requester? In other words, when the server service notices
that the client software has connected to the pipe, the server program
will read the command from the pipe - is there a way I can find out
who is requesting that command?
Thanks for any help.
Starting with Windows Vista, there are two functions:
GetNamedPipeClientProcessId and GetNamedPipeClientSessionId.

Anyway, you can use GetNamedPipeClientSessionId to get the session
number. Then use WTSEnumerateSessionsEx to enumerate the sessions on
the box until you find that one. Once you find it, the
WTS_SESSION_INFO_1 structure contains the username, etc.

I haven't actually tried this, but I have used the WTS functions and
they work well. I don't see why you wouldn't be able to use this
sequence to find the user.

Regards
Tom Handal
c***@symphonyfintech.in
2018-04-19 11:22:23 UTC
Permalink
Hello Tom Handall

I have a query on GetNamedPipeClientProcessId, GetNamedPipeClientSessionId. What I essentially want to do is control number of threads that get created on the server side and to also prevent clients from unwanted application from connecting.

The doco does not seem to cover all scenarios
JJ
2018-04-20 12:27:02 UTC
Permalink
Post by c***@symphonyfintech.in
Hello Tom Handall
I have a query on GetNamedPipeClientProcessId,
GetNamedPipeClientSessionId. What I essentially want to do is control
number of threads that get created on the server side and to also prevent
clients from unwanted application from connecting.
The doco does not seem to cover all scenarios
In order to get information of the client application, you'll need to have
access to the client's session by connecting to the client computer as a
client. This can only be done if the client computer allows another computer
to log into the system and gave access to the remote user account.

So, you'll need cooperation with the client, or you yourself is the
administrator of that client computer. Otherwise, it's impossible to achieve
what you want due to privacy issue.

BTW, Tom is no longer active on usenet since the past 8 years.

Loading...