Detecting user that launches packaged script while using Run As

Ask your PowerShell-related questions, including questions on cmdlet development!
Forum rules
Do not post any licensing information in this forum.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 6 years and 3 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked
User avatar
cdouglas_nch
Posts: 16
Last visit: Wed Feb 28, 2024 10:55 am

Detecting user that launches packaged script while using Run As

Post by cdouglas_nch »

OS: Windows 10 Build 1607 x64
PS Studio Build: Latest (not at work, but I always keep it up to date)

When packaging a script and configuring it to run as another user, does anyone know how to obtain the username of the user that launches the first process?

For example, if I have a packaged script called 'Script.exe' configured to run as 'UserB', and then launch 'Script.exe' as 'UserA', $env:username returns 'UserB' as I would expect (the same applies when using the impersonate option). I'm trying to figure out a way to identify 'UserA'.

So far I've identified that in a normal PowerShell prompt (both elevated and non-elevated) I can use the WMI class Win32_Process and method GetOwner to identify the the owner of the parent process of the PowerShell prompt. Problem is when I try this with a packaged script the methods return value is 2 (access denied). I've tried launching 'Script.exe' with 'UserA' configured as a local administrator, still get an access denied.

Does anyone know how to get the GetOwner method to work, or have another means of getting the username of the parent process? The end goal is to have Script.exe run as 'UserB' but write to a log file specifically for 'UserA'.
User avatar
Alexander Riedel
Posts: 8472
Last visit: Mon Mar 18, 2024 2:59 pm
Answers: 19
Been upvoted: 37 times

Re: Detecting user that launches packaged script while using Run As

Post by Alexander Riedel »

[Topic moved by moderator]
Please note that the Customer support forum is not intended for technical support or general Powershell questions. It is dedicated to assist customers with sales and licensing questions.
Alexander Riedel
SAPIEN Technologies, Inc.
jvierra
Posts: 15439
Last visit: Tue Nov 21, 2023 6:37 pm
Answers: 30
Has voted: 4 times
Been upvoted: 33 times

Re: Detecting user that launches packaged script while using Run As

Post by jvierra »

The only way to get another users process is to run as an elevated admin. Regular users cannot see the owner of processes other then ones they have started.

A process launched with alternate credentials runs in a new session and it is not a child of the process that started it.

Pass the username to the process on the command line when you launch it.
This topic is 6 years and 3 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
Locked