即使使用系统服务中的RegOpenCurrentUser,也无法获取用户级注册表值

Cannot get user level registry value even using RegOpenCurrentUser from system service

本文关键字:获取 用户 注册表 系统服务 RegOpenCurrentUser      更新时间:2023-10-16

我写了一个系统服务,我想在其中获取HKEY_CURRENT_user下活动用户的一个注册表值。我写的代码如下。然而,它似乎只能获得系统级注册表值,而不能获得活动用户的注册表值。请参阅下面的代码。问题出在哪里?什么东西不见了?

void GetUserRegistryFromSystemService()
{
#ifdef Q_OS_WIN
    DWORD sessionId = WTSGetActiveConsoleSessionId();
    qInfo() << "Session ID = " << sessionId;
    wchar_t * ppUserName[100];
    DWORD sizeOfUserName;
    WTSQuerySessionInformation(WTS_CURRENT_SERVER_HANDLE, sessionId, WTSUserName, ppUserName, &sizeOfUserName);
    qInfo() << "Windows User Name = " << QString::fromWCharArray(*ppUserName);
    std::wstring strValueOfBinDir = L"Unknown Value";
    LONG regOpenResult = ERROR_SUCCESS;
    HANDLE hUserToken = NULL;
    HANDLE hFakeToken = NULL;
    if (WTSQueryUserToken(sessionId, &hUserToken))
    {
         if (DuplicateTokenEx(hUserToken, TOKEN_ASSIGN_PRIMARY | TOKEN_ALL_ACCESS, 0, SecurityImpersonation, TokenPrimary, &hFakeToken) == TRUE)
         {
            qInfo() << "Before ImpersonateLoggedOnUser()......";
            if (ImpersonateLoggedOnUser(hFakeToken))
            {
                HKEY hKey;
                regOpenResult = RegOpenCurrentUser(KEY_READ, &hKey);
                if (regOpenResult != ERROR_SUCCESS)
                {
                    qCritical() << "Failed to call RegOpenCurrentUser(), Error is " << regOpenResult;
                }
                // Fails to get this hive, will get the default value "Unkown"
                RegOpenKeyEx(HKEY_CURRENT_USER,
                             TEXT("Software\Baidu\BaiduYunGuanjia"),
                             0,
                             KEY_READ,
                             &hKey);
                GetStringRegKey(hKey, TEXT("installDir"), strValueOfBinDir, TEXT("Unknown"));
                // It can get the following hive successfully
                // RegOpenKeyEx(HKEY_LOCAL_MACHINE,
                //              TEXT("Software\GitForWindows"),
                //              0,
                //              KEY_READ,
                //              &hKey);
                // GetStringRegKey(hKey, TEXT("InstallPath"), strValueOfBinDir, TEXT("Unknown"));
                RevertToSelf();
            }
            else
            {
                qCritical() << "Failed to ImpersonateLoggedOnUser...";
            }
            CloseHandle(hFakeToken);
        }
        else
        {
            qCritical() << "Failed to call DuplicateTokenEx...";
        }
        CloseHandle(hUserToken);
    }
    else
    {
        qCritical() << "Failed to get the user token of session " << sessionId;
    }
    qInfo() << "The value of Registry is " << QString::fromWCharArray( strValueOfBinDir.c_str() );
#endif
}

您应该在RegOpenKeyEx中使用从RegOpenCurrentUser接收的HKEY句柄,而不是HKEY_CURRENT_USER:

regOpenResult = RegOpenCurrentUser(KEY_READ, &hKey);
if (regOpenResult != ERROR_SUCCESS)
{
    qCritical() << "Failed to call RegOpenCurrentUser(), Error is " << regOpenResult;
}
HKEY hSubKey; 
// Fails to get this hive, will get the default value "Unkown"
RegOpenKeyEx(hKey, TEXT("Software\Baidu\BaiduYunGuanjia"), 0, KEY_READ, &hSubKey);
相关文章: