Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #Requires –Version 2
- <#
- .SYNOPSIS
- Targets and terminates processes owned by a specified user (defaults to local user name if not specified).
- .DESCRIPTION
- This script can be used in situations where certain processes get hung up on a computer and need to be terminated, rather than terminating the entire user session. This is especially useful in terminal and citrix server environments when a user experiences a single hung process and it needs to be terminated in order to allow them to continue working.
- .PARAMETER ComputerName
- Queries and terminates processes running on the specified computers. If not specified, the local computer running the script will be used.
- .PARAMETER UserName
- Specifies the samAccountName (or Windows logon name) of the user who owns the process(es) you wish to terminate. If not specified, the domain username of the account running the script will be used.
- .PARAMETER DomainName
- Specifies the domain name of the user who owns the process(es) you wish to terminate. If not specified, the domain name of the account running the script will be used.
- .PARAMETER ProcessName
- Specifies the name of the process you wish to terminate. Use full filename with extension. Only .bat, .com, and .exe's are supported. This is a mandatory parameter.
- .LINK
- http://community.spiceworks.com
- .NOTES
- Host account running the script needs to have administrative privileges over the local/remote host where the process(es) will be terminated.
- .EXAMPLE
- PS C:\>.\Stop-ProcessByOwner.ps1 -ProcessName mmc.exe -UserName Rob -DomainName LocalDomain -ComputerName RemoteComputer1
- This command terminates all 'mmc.exe' processes owned by LocalDomain\Rob on remote computer 'RemoteComputer1' with no logging in the console.
- .EXAMPLE
- PS C:\>.\Stop-ProcessByOwner.ps1 -ProcessName mmc.exe -UserName Rob -DomainName LocalDomain -ComputerName RemoteComputer1,RemoteComputer2,RemoteComputer3
- This command terminates all 'mmc.exe' processes owned by LocalDomain\Rob on remote computers 'RemoteComputer1,' 'RemoteComputer2,' and 'RemoteComputer3' with no logging in the console.
- .EXAMPLE
- PS C:\>.\Stop-ProcessByOwner.ps1 -ProcessName mmc.exe -UserName Rob -DomainName LocalDomain -Verbose
- This command terminates all 'mmc.exe' processes owned by LocalDomain\Rob on the computer executing the script, with all logging displayed in the console.
- .EXAMPLE
- PS C:\>.\Stop-ProcessByOwner.ps1 -ProcessName mmc.exe -UserName Rob -DomainName LocalDomain -Verbose -WhatIf
- This command will perform a 'WhatIf' scenario, showing which processes would be terminated (but no action is taken), with all logging displayed in the console.
- #>
- [CmdletBinding(SupportsShouldProcess=$true)]
- Param(
- [Parameter(ValueFromPipelineByPropertyName=$true,Position=0)] [array] $ComputerName,
- [Parameter(ValueFromPipelineByPropertyName=$true,Mandatory=$true)]
- [ValidateScript({
- If ($_ -like "*.exe*") {
- $true
- }
- ElseIf ($_ -like "*.com*") {
- $true
- }
- ElseIf ($_ -like "*.bat*") {
- $true
- }
- Else {
- Throw "'$($_.toUpper())' does not have a valid extension (.bat, .com, .exe)."
- }
- })]
- [string] $ProcessName,
- [Parameter(ValueFromPipelineByPropertyName=$true)][string] $DomainName = $env:USERDOMAIN,
- [Parameter(ValueFromPipelineByPropertyName=$true)][string] $UserName = $env:USERNAME
- )
- BEGIN {
- #Clear-Host
- Write-Verbose "=========================================="
- Write-Verbose "Script process started at $(Get-Date)"
- Write-Verbose "Process name specified: $ProcessName"
- Write-Verbose "Domain\User specified: $DomainName\$UserName"
- Write-Verbose "=========================================="
- }
- PROCESS {
- ForEach ($Computer in $ComputerName) {
- Write-Verbose "Processing computer $Computer..."
- $Processes = Get-WmiObject -class win32_process -computer $Computer -Filter "name = '$ProcessName'" -ErrorAction SilentlyContinue
- If (!$Processes) {
- Write-Warning "[$Computer] No running processes named '$ProcessName' found..."
- }
- else {
- foreach ($Process in $Processes) {
- $temp = $Process.getowner()
- if (($temp.user -eq $UserName) -and ($temp.domain -eq $DomainName)) {
- Write-Verbose "$($Computer.toupper()):Process $($Process.name) owned by $($temp.domain)\$($temp.user) with process ID of $($Process.processid)"
- If ($PSCmdlet.ShouldProcess("$ProcessName with Process ID $($Process.ProcessId)","Terminate process")) {
- Write-Verbose "Attempting to terminate process $($Process.name)..."
- #sleep 3
- $Result = $Process | ForEach-Object {Invoke-WmiMethod -Name terminate -InputObject $_}
- If ($Result.ReturnValue -eq 0) {
- Write-Verbose "'$($ProcessName)' terminated successfully at $(Get-Date)"
- }
- }
- }
- else {
- Write-Warning "[$($Computer.toUpper())] '$($Process.name)' found with process ID $($Process.ProcessId), but does not belong to $DomainName\$UserName (owner:$($temp.domain)\$($temp.user)) - skipping..."
- }
- }
- }
- }
- }
- END {
- Write-Verbose "=========================================="
- Write-Verbose "Script Processing complete at $(Get-Date)."
- Write-Verbose "=========================================="
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement