作为管理员,我可以通过运行此命令来获取用户进程
Get-Process -IncludeUserName | Where UserName -match test但作为非管理员,我无法使用
-IncludeUserName那么,如果我以用户测试身份登录,如何仅列出他的进程而不列出正在运行的所有进程?
这更快,一行,不需要管理员。
Get-Process | ? {$_.SI -eq (Get-Process -PID $PID).SessionId}
您可以通过 WMI 来做到这一点。这是一篇文章的摘录,您可以在这里找到。
$View = @(
@{l='Handles';e={$_.HandleCount}},
@{l='NPM(K)';e={ (Get-Process -Id $_.ProcessId).NonpagedSystemMemorySize/1KB -as [int]}},
@{l='PM(K)';e={ $_.PrivatePageCount/1KB -as [int]}},
@{l='WS(K)';e={ $_.WorkingSetSize/1KB -as [int]}},
@{l='VM(M)';e={ $_.VirtualSize/1mB -as [int]}},
@{l='CPU(s)';e={ (Get-Process -Id $_.ProcessId).CPU -as [int]}},
@{l='Id';e={ $_.ProcessId}},
'UserName'
@{l='ProcessName';e={ $_.ProcessName}}
)
Get-WmiObject Win32_Process | % { $_ |
Add-Member -MemberType ScriptProperty -Name UserName -Value {
'{0}\{1}' -f $this.GetOwner().Domain,$this.GetOwner().User
} -Force -PassThru
} | ? UserName -match $env:USERNAME | ft $View -AutoSize
Get-Process$owners = @{}
gwmi win32_process |% {$owners[$_.handle] = $_.getowner().user}
$ps = get-process | select processname,Id,@{l="Owner";e={$owners[$_.id.tostring()]}}
foreach($p in $ps) {
if($p.Owner -eq $env:USERNAME) {
$p
}
}
感谢您的代码。基于此,我创建了一个修改版本,以允许用户杀死自己的进程(一部分):
#Script to allow users to kill (a subset of) their own processes
#Based on : https://stackoverflow.com/questions/35195221/list-process-for-current-user
#Previously we used Task Nanny created by Michel Stevelmans which is a lot faster, but it did not show a process that was causing issues for our users.
$UserProcesses = @()
$Owners = @{}
Get-WmiObject win32_process | Foreach{$owners[$_.handle] = $_.getowner().user}
$Processes = Get-Process | select processname,Description,Id,@{l="Owner";e={$owners[$_.id.tostring()]}}
Foreach($Process in $Processes)
{
IF($process.Owner -eq $env:USERNAME)
{
$UserProcesses += $Process
}
}
$UserProcessesToExclude = @(
'concentr', #Citrix Connection Center
'conhost', #Console Window Host
'dwm', #Desktop Windows Manager
'explorer', #Explorer
'Receiver', #Citrix Receiver Application
'rundll32', #Windows host process (Rundll32)
'ssonsvr', #Citrix Receiver
'taskhost' #Host Process for Windows Tasks
'wfcrun32' #Citrix Connection Manager
'wfshell' #Citrix wfshell shell
)
$UserProcesses | Where{$_.ProcessName -notin $UserProcessesToExclude} | Out-GridView -Title 'Task killer - Select the process(es) you want to kill. Hold CTRL to select multiple processes.' -PassThru | Foreach{Stop-Process -id $_.Id}
要添加到 Marc 的 answer,这里有一个适用于 PowerShell 7 的版本(其中 Get-WMIObject 不可用):
$procs = Get-CimInstance Win32_Process | Where { ($_.ProcessName -eq "pwsh.exe") -or ($_.ProcessName -eq "powershell.exe") }
$procsWithOwner = $procs | ForEach-Object {
$owner = Invoke-CimMethod -InputObject $_ -MethodName "GetOwner" | Select -ExpandProperty "User"
$_ | Add-Member -NotePropertyName "Owner" -NotePropertyValue $owner -PassThru
}
$procsWithOwner | Select Name,ProcessId,Owner
该技术的来源:https://devblogs.microsoft.com/scripting/get-process-owner-and-other-info-with-wmi-and-powershell/