How to use PowerShell get the start up account of a process?

Question

On windows, I can use runas to run an application as another account (not the one your are logged in at the moment) like this:

runas /netonly /user:some_domain\account "utility.exe"

How can I get this some_domain\account from PowerShell? I've checked Get-Process and win32_process WMI class but didn't find anything useful.

---

Update

Re @briantist's answer: I'm a little confused about the result from @briantist's answer. I logged on to my computer using a local account (my computer is not in a domain) and runas the utility (SQL Server management studio aka SSMS here) as a domain account. When I run the script that @briantist provided, the result just shows me that SSMS is running on my local account not the domain account. But in SSMS I can use a function suser_sname() to ask the server who am i and the result is some_domain\account. It's a little weird to me. Is this by design or am I wrong some where?

Answer 1

Tony Hinkle's answer (+1) is great, and very simple, but it does require elevation.

To do this as a non-privileged user, you can use CIM:

Get-CimInstance Win32_Process -Filter "name='utility.exe'" | Invoke-CimMethod -MethodName GetOwner

If you can elevate, I do recommend the other answer.

Answer 2

Get-process has an -IncludeUserName switch:

get-process -IncludeUserName

Specifically for utility.exe:

get-process utility -IncludeUserName