通过找资料得出可以用Windows NT Session 来搞定,参考文章
http://www.cnblogs.com/suiyingjie/archive/2007/11/06/951206.html
关键函数LsaEnumerateLogonSessions,由于本人学VB的,遂继续寻找,找到
http://www.tech-archive.net/Archive/VB/microsoft.public.vb.winapi/2004-03/0598.html
代码
Option Explicit
Option Compare Binary
Option Base 0
Private Enum LogonTypes
ltInteractive = 2
ltNetwork
ltBatch
ltService
ltProxy
ltUnlock
End Enum
Private Type LSA_UNICODE_STRING
Length As Integer
MaximumLength As Integer
Buffer As Long
End Type
Private Type SECURITY_LOGON_SESSION_DATA
Size As Long
LogonId As Currency
UserName As LSA_UNICODE_STRING
LogonDomain As LSA_UNICODE_STRING
AuthenticationPackage As LSA_UNICODE_STRING
LogonType As LogonTypes
Session As Long
Sid As Long
LogonTime As Currency
LogonServer As LSA_UNICODE_STRING
DnsDomainName As LSA_UNICODE_STRING
Upn As LSA_UNICODE_STRING
End Type
Private Declare Function LsaFreeReturnBuffer Lib "secur32.dll" _
(ByVal BuffPtr As Long) As Long
Private Declare Function LsaEnumerateLogonSessions Lib "secur32.dll" _
(ByRef LogonSessionCount As Long, ByRef LogonSessionList As Long) As Long
Private Declare Function LsaGetLogonSessionData Lib "secur32.dll" _
(ByRef LogonId As Currency, ByRef ppLogonSessionData As Long) As Long
Private Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory" _
(ByRef dst As Any, ByRef src As Any, ByVal nbytes As Long)
Private Sub Main()
Dim lResult As Long
Dim lCount As Long
Dim lSessionList As Long
Dim lSessions() As Currency
Dim lData As Long ' address of pointer
Dim uData As SECURITY_LOGON_SESSION_DATA
Dim s As Long
lResult = LsaEnumerateLogonSessions(lCount, lSessionList)
If lResult = 0 Then
If lCount > 0 Then
ReDim lSessions(1 To lCount)
CopyMemory lSessions(1), ByVal lSessionList, lCount * 8
For s = 1 To lCount
lResult = LsaGetLogonSessionData(lSessions(s), lData)
If lResult = 0 Then
CopyMemory uData, ByVal lData, LenB(uData)
Debug.Print uData.LogonType,
GetLSAString(uData.AuthenticationPackage), _
GetLSAString(uData.LogonDomain) & "\" &
GetLSAString(uData.UserName)
lResult = LsaFreeReturnBuffer(lData)
Else
Debug.Print "Unable to get session " & s & ":" & lResult & "," &
Err.LastDllError
End If
Next
End If
lResult = LsaFreeReturnBuffer(lSessionList)
Else
Debug.Print "Unable to enumerate sessions:" & lResult & "," &
Err.LastDllError
End If
End Sub
Private Function GetLSAString(ByRef LSAString As LSA_UNICODE_STRING)
Dim b() As Byte
If LSAString.Length > 0 Then
ReDim b(1 To LSAString.Length)
CopyMemory b(1), ByVal LSAString.Buffer, LSAString.Length
GetLSAString = b
End If
End Function
LogonType有以下几个
Interactive = 2, // Interactively logged on (locally or remotely)
Network = 3, // Accessing system via network
Batch = 4, // Started via a batch queue
Service = 5, // Service started by service controller
Proxy = 6, // Proxy logon
Unlock = 7 // Unlock workstation
我们监控Interactive=2的就可以了