C#: Win32_Process getowner on remote machine

  • Thread starter Thread starter auldh
  • Start date Start date
A

auldh

hello,
i have been playing around with this code and i'm not getting. i'm calling
"win32_process" to get a remote machine's process and owner. i try this
locally and i'm not having problems.

however when i to the remote machine i'm not able to get a valid returne for
"getowner". below is part of the code:
ConnectionOptions connectoptions = new ConnectionOptions();
connectoptions.Username = XHF.defInst.tUser.Text;
connectoptions.Password = XHF.defInst.mtPassword.Text;
connectoptions.Authority = "ntlmdomain:" + XHF.defInst.tDomain.Text;
connectoptions.EnablePrivileges = true;
ManagementScope scope = new ManagementScope(@"\\" + remoteSystem +
@"\root\cimv2", connectoptions);
scope.Connect();
//ManagementScope scope = new ManagementScope(@"\root\cimv2");
SelectQuery query = new SelectQuery("SELECT Name, Handle, CSName,
ParentProcessId, ProcessId, SessionId, ExecutablePath FROM Win32_Process");
XHF.defInst.xprhotfixviewer.Refresh();
using (ManagementObjectSearcher searcher = new
ManagementObjectSearcher(scope, query))
{
iNumberofProcess = searcher.Get().Count;
foreach (ManagementObject process in searcher.Get())
{
aProcess[iProcess, 0] = process["Name"].ToString();
aProcess[iProcess, 1] = process["Handle"].ToString();
aProcess[iProcess, 2] = process["CSName"].ToString();
aProcess[iProcess, 3] = process["ParentProcessId"].ToString();
aProcess[iProcess, 4] = process["ProcessId"].ToString();
aProcess[iProcess, 5] = process["SessionId"].ToString();
if (process["ExecutablePath"] != null)
aProcess[iProcess, 6] = process["ExecutablePath"].ToString();
else
aProcess[iProcess, 6] = "";

string[] methodArgs = { "", "" };
process.InvokeMethod("GetOwner", methodArgs);

i always return a null. i tried some sample on the internet and have yet to
crack the problem.
 
auldh said:
hello,
i have been playing around with this code and i'm not getting. i'm calling
"win32_process" to get a remote machine's process and owner. i try this
locally and i'm not having problems.

however when i to the remote machine i'm not able to get a valid returne
for
"getowner". below is part of the code:
ConnectionOptions connectoptions = new ConnectionOptions();
connectoptions.Username = XHF.defInst.tUser.Text;
connectoptions.Password = XHF.defInst.mtPassword.Text;
connectoptions.Authority = "ntlmdomain:" + XHF.defInst.tDomain.Text;
connectoptions.EnablePrivileges = true;
ManagementScope scope = new ManagementScope(@"\\" + remoteSystem +
@"\root\cimv2", connectoptions);
scope.Connect();
//ManagementScope scope = new ManagementScope(@"\root\cimv2");
SelectQuery query = new SelectQuery("SELECT Name, Handle, CSName,
ParentProcessId, ProcessId, SessionId, ExecutablePath FROM
Win32_Process");
XHF.defInst.xprhotfixviewer.Refresh();
using (ManagementObjectSearcher searcher = new
ManagementObjectSearcher(scope, query))
{
iNumberofProcess = searcher.Get().Count;
foreach (ManagementObject process in searcher.Get())
{
aProcess[iProcess, 0] = process["Name"].ToString();
aProcess[iProcess, 1] = process["Handle"].ToString();
aProcess[iProcess, 2] = process["CSName"].ToString();
aProcess[iProcess, 3] = process["ParentProcessId"].ToString();
aProcess[iProcess, 4] = process["ProcessId"].ToString();
aProcess[iProcess, 5] = process["SessionId"].ToString();
if (process["ExecutablePath"] != null)
aProcess[iProcess, 6] = process["ExecutablePath"].ToString();
else
aProcess[iProcess, 6] = "";

string[] methodArgs = { "", "" };
process.InvokeMethod("GetOwner", methodArgs);

i always return a null. i tried some sample on the internet and have yet
to
crack the problem.



Make sure that the user (connectoptions.Username) is a member of the local
administrators group on the remote system, only local admins are allowed to
query these security related attributes. Note that even administrators
cannot query all processes running on a system, so you need to handle the
cases where the return is null, like this:

string[] uid= new String[2];
proc.InvokeMethod("GetOwner", (object[])uid);
if (uid[0] != null)
...
else
// no user info available

Willy.
 
thank you Willy that worked.
herb

Willy Denoyette said:
auldh said:
hello,
i have been playing around with this code and i'm not getting. i'm calling
"win32_process" to get a remote machine's process and owner. i try this
locally and i'm not having problems.

however when i to the remote machine i'm not able to get a valid returne
for
"getowner". below is part of the code:
ConnectionOptions connectoptions = new ConnectionOptions();
connectoptions.Username = XHF.defInst.tUser.Text;
connectoptions.Password = XHF.defInst.mtPassword.Text;
connectoptions.Authority = "ntlmdomain:" + XHF.defInst.tDomain.Text;
connectoptions.EnablePrivileges = true;
ManagementScope scope = new ManagementScope(@"\\" + remoteSystem +
@"\root\cimv2", connectoptions);
scope.Connect();
//ManagementScope scope = new ManagementScope(@"\root\cimv2");
SelectQuery query = new SelectQuery("SELECT Name, Handle, CSName,
ParentProcessId, ProcessId, SessionId, ExecutablePath FROM
Win32_Process");
XHF.defInst.xprhotfixviewer.Refresh();
using (ManagementObjectSearcher searcher = new
ManagementObjectSearcher(scope, query))
{
iNumberofProcess = searcher.Get().Count;
foreach (ManagementObject process in searcher.Get())
{
aProcess[iProcess, 0] = process["Name"].ToString();
aProcess[iProcess, 1] = process["Handle"].ToString();
aProcess[iProcess, 2] = process["CSName"].ToString();
aProcess[iProcess, 3] = process["ParentProcessId"].ToString();
aProcess[iProcess, 4] = process["ProcessId"].ToString();
aProcess[iProcess, 5] = process["SessionId"].ToString();
if (process["ExecutablePath"] != null)
aProcess[iProcess, 6] = process["ExecutablePath"].ToString();
else
aProcess[iProcess, 6] = "";

string[] methodArgs = { "", "" };
process.InvokeMethod("GetOwner", methodArgs);

i always return a null. i tried some sample on the internet and have yet
to
crack the problem.



Make sure that the user (connectoptions.Username) is a member of the local
administrators group on the remote system, only local admins are allowed to
query these security related attributes. Note that even administrators
cannot query all processes running on a system, so you need to handle the
cases where the return is null, like this:

string[] uid= new String[2];
proc.InvokeMethod("GetOwner", (object[])uid);
if (uid[0] != null)
...
else
// no user info available

Willy.
 
Back
Top