Reputation: 4440
Retrieving the actual user account that started a process
I am trying to retrieve the user account under which a process has been started. So far i have not found any answers that retrieve the good information. All of them return the string of the username which is not the account. I have tried WMI and Diagnostic all with the same results which are half correct.
Let's say i start notepad twice.
- First one i open it with the account : \MyDomain\Franck
- Second on i open it with the account : \MyComputer\Franck
Then use either WMI or Diagnostics and both return username "Franck" and i have not way to know if it's running under the local user or the domain one.
One way could be to use Diagnostics
var procs = Process.GetProcessesByName("Notepad").ToList();
var notepad1 = procs[0].StartInfo.Environment["Username"];
var notepad2 = procs[1].StartInfo.Environment["Username"];
Both return Franck but one is the domain account and the other is the local.
Upvotes: 3
Views: 112
Answers (2)
Reputation: 2205
tasklist /v gives the relevant info that you are interested in, i.e., the user name with the domain name.
The official documentation does not show any sample outputs.
tasklist
Displays a list of currently running processes on the local computer or on a remote computer.
/v Displays verbose task information in the output.
You can use it together with /fo csv option to get the result and parse it.
This answer from SuperUser has screen shots showing the output.
You can run this command as a separate process from your application similar to this, but passing the other parameters.
Upvotes: 1
Reputation: 1697
If you want the name of the domain that contains the user's account, then you're looking for UserDomain Environment Variable
If you want which domain controller authenticated the client's logon request, then you're looking for LogonServer Environment Variable
var procs = Process.GetProcessesByName("Notepad").
var userDomain = procs[0].StartInfo.Environment["UserDomain"];
var logonServer = procs[0].StartInfo.Environment["LogonServer"];
Values on my windows machine (local user):
userDomain: "LAPTOP-DDK137L8"
logonServer: "\\LAPTOP-DDK137L8"
So from this you should be able to determine if it's running under the local user or the domain one.
Upvotes: 1
Related Questions
- How do I determine the owner of a process in C#?
- How do you get the UserName of the owner of a process?
- Determine from within code which user my process is running as
- How to know what user starts program?
- Get identity of currently logged-on user, not System account
- Under which user account does Process.Start start?
- How to get the user name or owner of a process in .net
- Using Process.StartInfo.UserName
- How do I find out what user owns what process programmatically?
- How do I discover how my process was started