none
From process to user to user profile path RRS feed

  • Question

  • I'm writing a script to auto update an application running as a service, clearly the service could run under different accounts, user account, local service, network service, system, etc, and to update it I need some information that are saved in the profile folder. I know how to get the owner of the process but the only way that I have found to get the profile folder is to create a list of all profiles, map them to the user accounts and in this way find the profile folder. Is there a easier way to do it?

    #get process
    $p=gwmi Win32_Process -F "Name='myservice.exe'"
    #get owner
    $o=$p.GetOwner()
    #get user name
    $un=$o.Domain+"\\"+$o.User
    
    #create a list of all user profiles with the user name
    #http://www.nextofwindows.com/how-to-get-the-list-of-user-profiles-on-your-computer
    $path = 'Registry::HKey_Local_Machine\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\*'
    $items = Get-ItemProperty -path $path
    Foreach ($item in $items) {
        $objUser = New-Object System.Security.Principal.SecurityIdentifier($item.PSChildName)
        $objName = $objUser.Translate([System.Security.Principal.NTAccount])
        $item.PSChildName = $objName.value
    }
    
    $user=$items | where {$_.PSChildName -eq $un}
    Sunday, February 21, 2016 4:20 PM

Answers

  • Here is one way:


    $processName = "myservice.exe"
    $process = Get-WmiObject Win32_Process -Filter "Name='$processName'"
    $owner = $process.GetOwner()
    $ntAccount = [Security.Principal.NTAccount] ("{0}\{1}" -f $owner.Domain,$owner.User)
    $sid = ($ntAccount.Translate([Security.Principal.SecurityIdentifier])).Value
    $profile = [WMI] "root\CIMV2:Win32_UserProfile.SID='$sid'"
    $profile.LocalPath
    


    -- Bill Stewart [Bill_Stewart]

    Monday, February 22, 2016 3:24 PM
    Moderator

All replies

  • Is this your question: "How do I determine the profile folder on the current computer for the user account that started a particular process?"

    -- Bill Stewart [Bill_Stewart]

    Monday, February 22, 2016 3:01 PM
    Moderator
  • Here is one way:


    $processName = "myservice.exe"
    $process = Get-WmiObject Win32_Process -Filter "Name='$processName'"
    $owner = $process.GetOwner()
    $ntAccount = [Security.Principal.NTAccount] ("{0}\{1}" -f $owner.Domain,$owner.User)
    $sid = ($ntAccount.Translate([Security.Principal.SecurityIdentifier])).Value
    $profile = [WMI] "root\CIMV2:Win32_UserProfile.SID='$sid'"
    $profile.LocalPath
    


    -- Bill Stewart [Bill_Stewart]

    Monday, February 22, 2016 3:24 PM
    Moderator