{"id":66803,"date":"2006-07-28T15:23:00","date_gmt":"2006-07-28T15:23:00","guid":{"rendered":"https:\/\/blogs.technet.microsoft.com\/heyscriptingguy\/2006\/07\/28\/how-can-i-get-the-process-id-for-an-executable-file-but-only-if-the-process-has-a-specified-owner\/"},"modified":"2006-07-28T15:23:00","modified_gmt":"2006-07-28T15:23:00","slug":"how-can-i-get-the-process-id-for-an-executable-file-but-only-if-the-process-has-a-specified-owner","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/scripting\/how-can-i-get-the-process-id-for-an-executable-file-but-only-if-the-process-has-a-specified-owner\/","title":{"rendered":"How Can I Get the Process ID for an Executable File, But Only If the Process Has a Specified Owner?"},"content":{"rendered":"<p><IMG class=\"nearGraphic\" title=\"Hey, Scripting Guy! Question\" border=\"0\" alt=\"Hey, Scripting Guy! Question\" align=\"left\" src=\"https:\/\/devblogs.microsoft.com\/wp-content\/uploads\/sites\/29\/2019\/02\/q-for-powertip.jpg\" width=\"34\" height=\"34\"> \n<P>Hey, Scripting Guy! How can I get the process ID for a file like MyExecutableFile.exe, but only if a certain user is the owner of that process?<BR><BR>&#8212; SC<\/P><IMG class=\"nearGraphic\" title=\"Hey, Scripting Guy! Answer\" border=\"0\" alt=\"Hey, Scripting Guy! Answer\" align=\"left\" src=\"https:\/\/devblogs.microsoft.com\/wp-content\/uploads\/sites\/29\/2019\/02\/a-for-powertip.jpg\" width=\"34\" height=\"34\"> \n<P>Hey, SC. 
You know, here at Microsoft ownership is very important; for example, when you sit down to discuss joint projects with people the very first question that comes up is this: who actually <I>owns<\/I> this project?<\/P>\n<P>Is that because people at Microsoft want to own <I>everything<\/I>? Heavens no: after all, the owner of the project has to do all the implementation and all the maintenance, has to respond to customer feedback, has to fix bugs, etc. No one wants to own everything; on the contrary, people are always working to ensure that they don\u2019t own <I>anything<\/I>. If you\u2019re really clever you can figure out a way to get credit for stuff without actually having to <I>own<\/I> that stuff. That\u2019s what the smart people around here do all the time.<\/P>\n<P>Which, alas, explains why the Scripting Guys own the Script Center and everything in it. <\/P>\n<TABLE id=\"ELD\" class=\"dataTable\" cellSpacing=\"0\" cellPadding=\"0\">\n<THEAD><\/THEAD>\n<TBODY>\n<TR class=\"record\" vAlign=\"top\">\n<TD>\n<P class=\"lastInCell\"><B>Note<\/B>. Sure, maybe we\u2019re a little na\u00efve and gullible at times. But once we get our hands on that $90 million we are helping the widow of the Nigerian Defense Minister transfer to a US bank account, well, then we\u2019ll see who has the last laugh.<\/P><\/TD><\/TR><\/TBODY><\/TABLE>\n<DIV class=\"dataTableBottomMargin\"><\/DIV>\n<P>So <I>can<\/I> we get the process ID for an executable file, but only if that file is owned by a specific user? 
Of course we can:<\/P><PRE class=\"codeSample\">' Connect to the WMI service; a dot means the local computer\nstrComputer = &quot;.&quot;\n\nSet objWMIService = GetObject(&quot;winmgmts:\\\\&quot; &amp; strComputer &amp; &quot;\\root\\cimv2&quot;)\n\n' The owner cannot be used in the WQL filter, so filter on the name only\nSet colProcessList = objWMIService.ExecQuery _\n    (&quot;Select * from Win32_Process Where Name = 'notepad.exe'&quot;)\n\nFor Each objProcess in colProcessList\n    ' GetOwner fills in the two out parameters for this process\n    objProcess.GetOwner strNameOfUser,strUserDomain\n    strOwner = strUserDomain &amp; &quot;\\&quot; &amp; strNameOfUser\n    ' Compare in lowercase so the match is case-insensitive\n    If LCase(strOwner) = &quot;fabrikam\\kenmyer&quot; Then\n        ' Handle holds the process ID\n        Wscript.Echo objProcess.Handle\n    End If\nNext\n<\/PRE>\n<P>Yes, it\u2019s that easy. What we\u2019re doing here is getting the process ID for any instance of Notepad that is owned by the account fabrikam\\kenmyer. To do that, we begin by connecting to the WMI service on the local computer (although we could just as easily run this script against a remote computer). We then use the <B>ExecQuery<\/B> method to retrieve a collection of all the processes that have a <B>Name<\/B> equal to <I>notepad.exe<\/I>:<\/P><PRE class=\"codeSample\">Set colProcessList = objWMIService.ExecQuery _\n    (&quot;Select * from Win32_Process Where Name = 'notepad.exe'&quot;)\n<\/PRE>\n<P>Good question: wouldn\u2019t it be better if we ran a query that returned all the processes that had a Name equal to notepad.exe <I>and<\/I> an owner equal to fabrikam\\kenmyer? You bet it would; unfortunately, though, we can\u2019t do that. That\u2019s because the name of the process owner can\u2019t be retrieved as part of a query; instead, we have to use the <B>GetOwner<\/B> method to individually retrieve process owners one-by-one. 
In fact, there\u2019s really only one reason that we even bother to limit the returned data to processes with the Name notepad.exe: that way we\u2019ll have fewer processes we need to run GetOwner against.<\/P>\n<P>Speaking of which, as soon as we have our collection we set up a For Each loop to cycle through each process in the collection; the very first thing we do inside that loop is call the GetOwner method:<\/P><PRE class=\"codeSample\">objProcess.GetOwner strNameOfUser,strUserDomain\n<\/PRE>\n<P>As you can see, for the process in question we call GetOwner and include a pair of \u201cout\u201d parameters: strNameOfUser and strUserDomain. Out parameters are nothing more than variables, and the names are arbitrary: we can name these variables anything we want. (We chose strNameOfUser and strUserDomain because the names just seem to roll off the tongue, don\u2019t they?) The only real difference between out parameters and regular old variables is that we never assign a value to these parameters; instead, the GetOwner method assigns the name and domain of the process owner to strNameOfUser and strUserDomain, respectively. <\/P>\n<P>Once that\u2019s done we then use this line of code to construct an owner name using the format <I>domain\\user <\/I>(e.g., fabrikam\\kenmyer):<\/P><PRE class=\"codeSample\">strOwner = strUserDomain &amp; &quot;\\&quot; &amp; strNameOfUser\n<\/PRE>\n<P>At this point we finally know the owner of the process; the only thing we <I>don\u2019t<\/I> know is whether or not this happens to be the user we\u2019re interested in. To answer that question we use the following If statement to determine whether the lowercase value of strOwner (the variable containing the owner name) is equal to <I>fabrikam\\kenmyer<\/I>:<\/P><PRE class=\"codeSample\">If LCase(strOwner) = &quot;fabrikam\\kenmyer&quot; Then\n<\/PRE>\n<P>If the owner <I>is<\/I> fabrikam\\kenmyer we echo back the process ID (which can be found in the <B>Handle<\/B> property). 
If the owner happens to be anyone else, well, then we don\u2019t do anything at all. Which is what we Scripting Guys do best.<\/P>\n<P>Does that answer your question, SC? If not, please don\u2019t write to us; instead, we ask you to direct all additional inquiries to the owner of this particular column. <\/P>\n<P>Which would be, well, us. You know, we really have to work on taking credit for stuff without actually owning it, don\u2019t we?<\/P><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hey, Scripting Guy! How can I get the process ID for a file like MyExecutableFile.exe, but only if a certain user is the owner of that process?&#8212; SC Hey, SC. You know, here at Microsoft ownership is very important; for example, when you sit down to discuss joint projects with people the very first question [&hellip;]<\/p>\n","protected":false},"author":595,"featured_media":87096,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[31,87,3,5],"class_list":["post-66803","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-scripting","tag-operating-system","tag-processes","tag-scripting-guy","tag-vbscript"],"acf":[],"blog_post_summary":"<p>Hey, Scripting Guy! How can I get the process ID for a file like MyExecutableFile.exe, but only if a certain user is the owner of that process?&#8212; SC Hey, SC. 
You know, here at Microsoft ownership is very important; for example, when you sit down to discuss joint projects with people the very first question [&hellip;]<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/66803","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/users\/595"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/comments?post=66803"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/posts\/66803\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media\/87096"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/media?parent=66803"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/categories?post=66803"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/scripting\/wp-json\/wp\/v2\/tags?post=66803"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}