ask:
Hello, script expert! How to determine which account the script is running?
-- KW
answer:
Hello, KW. You know, it's been a while since we opened this column with all sorts of excuses, and it's not easy for us: after all, finding excuses is a great deal for us script experts. Having this clear, let's start with one of our favorite excuses: the scripts we will introduce to you are only valid on Windows XP and Windows Server 2003. We will introduce you to the method that makes this script equally effective on Windows 2000, but the latter is definitely not as good as the former.
Oh, yes: Now it feels good.
OK, no excuses (at least now). Let's discuss scripts. The script is as follows:
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colProcessList = ("Select * from Win32_Process Where " & _
"Name = '' or Name = ''")
For Each objProcess in colProcessList
If InStr(, "") Then
colProperties = (strNameOfUser,strUserDomain)
"This script is running under the account belonging to " _
& strUserDomain & "\" & strNameOfUser & "."
End If
Next
As you can see, while this script can be easily run against a remote computer, we first connect to the WMI service on the local computer. (Yes, we did say this many times. But this is not an excuse, but just a statement of the fact: almost all WMI scripts run as well for remote computers as they do on local computers. We do talk about some substance from time to time!)
Next we encountered the following line of code:
Set colProcessList = ("Select * from Win32_Process Where " & _
"Name = '' or Name = ''")
You may have guessed that we need to use the Win32_Process class to perform our tasks, because Win32_Process is a WMI class used to track all processes currently running on the computer. Of course, we don't care about all the processes running on the computer, we only care about scripts. Because of this, we added a Where clause that will only return information for the following two instances of the Windows script host: and.
Note: Yes, we could have written this script in a slightly different way, perhaps saving a line or two of code in the process. We chose this method because it is more similar to the method we performed this task on Windows 2000.
After issuing the query, we set up a For Each loop to traverse the returned collection. In this case, we try to determine the owner of the script named . Therefore, we need to check each script to see if its name is . How do we do it? By using the following line of code:
If InStr(, "") Then
What we are going to do here is to use the InStr function to determine whether the string can be found somewhere in the property CommandLine. What is the CommandLine attribute? Simply put, it is the command string required to start the script from a command prompt. For example, CommandLine might be the following:
C:\Scripts\Test Scripts\
Since we assume that there is no script named , we will check it. If you are worried about such name conflicts, then we can just use InStr and test against strings like \ . This is a question you have to decide.
If our target string can indeed be found in the CommandLine value, we will call the GetOwner method to find out the "owner" of the process (i.e., the name of the account under which the script runs):
(strNameOfUser,strUserDomain)
We need to use GetOwner to pass a pair of "output parameters". The output parameter is the variable that the method will fill with a value (that variable is named by ourselves). Here, we will pass variables named strNameOfUser and strUserDomain. In turn, GetOwner assigns the user name and the domain where the user who owns the process is located to these two variables.
All we have to do at this point is to echo the return information:
"This script is running under the account belonging to " _
& strUserDomain & "\" & strNameOfUser & "."
So, why can't we run this script on Windows 2000? In fact, there are good reasons to explain this: Only on Windows XP and Windows Server 2003 have the CommandLine attribute. On other versions of Windows, we cannot identify individual scripts; the best way is to return owner information for all instances that happen to be running and all instances. If only one script is running, there is no problem: or a single instance of the single script must be that single script. In other words, this means that the owner of the script host process is also the owner of the script process. If multiple scripts are run, it's another matter. If it is true for this situation, you'd better say, "Well, Ken Myer owns one of these scripts, although we don't know which one it is. A script he doesn't own happens to be owned by Pilar Ackerman.
No, not that good. But that's the truth. (Yes, this is an excuse. Although it is a bit loophole, it is an excuse.)
Here is the Windows 2000 solution (or some solutions):
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colProcessList = ("Select * from Win32_Process Where " & _
"Name = '' or Name = ''")
For Each objProcess in colProcessList
strNameOfUser,strUserDomain
"A script is running under the account belonging to " _
& strUserDomain & "\" & strNameOfUser & "."
Next
Hello, script expert! How to determine which account the script is running?
-- KW
answer:
Hello, KW. You know, it's been a while since we opened this column with all sorts of excuses, and it's not easy for us: after all, finding excuses is a great deal for us script experts. Having this clear, let's start with one of our favorite excuses: the scripts we will introduce to you are only valid on Windows XP and Windows Server 2003. We will introduce you to the method that makes this script equally effective on Windows 2000, but the latter is definitely not as good as the former.
Oh, yes: Now it feels good.
OK, no excuses (at least now). Let's discuss scripts. The script is as follows:
Copy the codeThe code is as follows:
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colProcessList = ("Select * from Win32_Process Where " & _
"Name = '' or Name = ''")
For Each objProcess in colProcessList
If InStr(, "") Then
colProperties = (strNameOfUser,strUserDomain)
"This script is running under the account belonging to " _
& strUserDomain & "\" & strNameOfUser & "."
End If
Next
As you can see, while this script can be easily run against a remote computer, we first connect to the WMI service on the local computer. (Yes, we did say this many times. But this is not an excuse, but just a statement of the fact: almost all WMI scripts run as well for remote computers as they do on local computers. We do talk about some substance from time to time!)
Next we encountered the following line of code:
Copy the codeThe code is as follows:
Set colProcessList = ("Select * from Win32_Process Where " & _
"Name = '' or Name = ''")
You may have guessed that we need to use the Win32_Process class to perform our tasks, because Win32_Process is a WMI class used to track all processes currently running on the computer. Of course, we don't care about all the processes running on the computer, we only care about scripts. Because of this, we added a Where clause that will only return information for the following two instances of the Windows script host: and.
Note: Yes, we could have written this script in a slightly different way, perhaps saving a line or two of code in the process. We chose this method because it is more similar to the method we performed this task on Windows 2000.
After issuing the query, we set up a For Each loop to traverse the returned collection. In this case, we try to determine the owner of the script named . Therefore, we need to check each script to see if its name is . How do we do it? By using the following line of code:
If InStr(, "") Then
What we are going to do here is to use the InStr function to determine whether the string can be found somewhere in the property CommandLine. What is the CommandLine attribute? Simply put, it is the command string required to start the script from a command prompt. For example, CommandLine might be the following:
C:\Scripts\Test Scripts\
Since we assume that there is no script named , we will check it. If you are worried about such name conflicts, then we can just use InStr and test against strings like \ . This is a question you have to decide.
If our target string can indeed be found in the CommandLine value, we will call the GetOwner method to find out the "owner" of the process (i.e., the name of the account under which the script runs):
(strNameOfUser,strUserDomain)
We need to use GetOwner to pass a pair of "output parameters". The output parameter is the variable that the method will fill with a value (that variable is named by ourselves). Here, we will pass variables named strNameOfUser and strUserDomain. In turn, GetOwner assigns the user name and the domain where the user who owns the process is located to these two variables.
All we have to do at this point is to echo the return information:
"This script is running under the account belonging to " _
& strUserDomain & "\" & strNameOfUser & "."
So, why can't we run this script on Windows 2000? In fact, there are good reasons to explain this: Only on Windows XP and Windows Server 2003 have the CommandLine attribute. On other versions of Windows, we cannot identify individual scripts; the best way is to return owner information for all instances that happen to be running and all instances. If only one script is running, there is no problem: or a single instance of the single script must be that single script. In other words, this means that the owner of the script host process is also the owner of the script process. If multiple scripts are run, it's another matter. If it is true for this situation, you'd better say, "Well, Ken Myer owns one of these scripts, although we don't know which one it is. A script he doesn't own happens to be owned by Pilar Ackerman.
No, not that good. But that's the truth. (Yes, this is an excuse. Although it is a bit loophole, it is an excuse.)
Here is the Windows 2000 solution (or some solutions):
Copy the codeThe code is as follows:
strComputer = "."
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
Set colProcessList = ("Select * from Win32_Process Where " & _
"Name = '' or Name = ''")
For Each objProcess in colProcessList
strNameOfUser,strUserDomain
"A script is running under the account belonging to " _
& strUserDomain & "\" & strNameOfUser & "."
Next