how to (programmatically) verify the user ID of any application process is not an Administrators account in windows RRS feed

  • Question

  • in unix, generally we use   ps -ef | grep "^root"  to identify any application process that is owned by root.

    Similarly I need to very 100's of windows systems to identify if there are any application processes owned by an Admin. 

    Is there any programmatic way of identifying this task in Windows?

    <style type="text/css">p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 11.0px Menlo; color: #000000; background-color: #ffffff} span.s1 {font-variant-ligatures: no-common-ligatures} </style>

    • Moved by Stanly Fan Wednesday, November 15, 2017 5:33 AM
    Tuesday, November 7, 2017 9:31 PM

All replies

  • Hi AJReddy1,

    Could you please provide more details for your question? Just like what language do you use? And what project do you use?

    This forum is discussing and asking questions about the Windows Forms Application and ClickOnce, Is your question related Winform?

    Hope you can provide more information.



    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Wednesday, November 8, 2017 8:37 AM
  • Have to ask ...   Why? 

    There are many processes running on every Windows machines in an elevated or secure context.  Without them Windows just doesn't work. 

    What problem are you trying to solve by doing this? 

    Regards, Phill W.

    Wednesday, November 8, 2017 4:57 PM
  • Hi Phill,

    I am trying to identify if there is any user/application process owned by Admin/System account. Just like we asked Linux users to create separate user accounts to install applications, on windows also we need to ask the dev teams not to install their applications in the built in System/Admin accounts.

    Tuesday, November 14, 2017 7:43 PM
  • > "we need to ask the dev teams not to install their applications in the built in System/Admin accounts."

    Again, why?
    What is the "Big Picture" problem that you're trying to solve here? 

    Windows software is complicated these days and many "bits" of it have to run in secure contexts.  Prevent that and you effectively stop your Developers from working at all.  

    If the problem is that the deployed application has to be run "elevated", which should have died out with Windows Vista, then you have to change your working process so that Developers are forced to test their applications on a machine where they don't have permissions to get past the U.A.C. challenge.  That will very quickly focus their minds on writing UAC compliant code. 

    Regards, Phill W.

    Wednesday, November 15, 2017 8:15 AM