Some times it is necessary to check the process owner before taking any action against that process. For example, in a terminal server scenario, if you want to terminate winword process of a particular user, it is important that you should determine the process user first before killing it. If you blindly kill the process remotely, it will end the process of all the users who are running MS word application.
So, here is the piece of code which helps you to determine who the owner of a given process on local or remote system.
(GWMI -class win32_Process -computer myremotepc1 -Filter “name=’winword.exe’”).GetOwner()
If you take a close look at the output, it has the information we need. That is username and domain to which user belongs.
To get the process owner name, use the below command.
(GWMI -class win32_Process -computer myremotepc1 -Filter “name=’winword.exe’”).GetOwner().user
To get process owner domain name, use this command
(GWMI -class win32_Process -computer myremotepc1 -Filter “name=’winword.exe’”).GetOwner().domain
To club everything together, here is the complete code
$processdetails = (GWMI -class win32_Process -computer myremotepc1 -Filter “name=’winword.exe’”).GetOwner()
write-host “User Name : $(Processdetails.user)`$(processdetails.domain)”
Hope this helps…