Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $explorerprocesses = @(Get-WmiObject -Query "Select * FROM Win32_Process WHERE Name='explorer.exe'" -ErrorAction SilentlyContinue)
- if ($explorerprocesses.Count -eq 0)
- {
- "No explorer process found / Nobody interactively logged on"
- } else {
- foreach ($i in $explorerprocesses)
- {
- $Username = $i.GetOwner().User
- $Domain = $i.GetOwner().Domain
- $Domain + "" + $Username + " logged on since: " + ($i.ConvertToDateTime($i.CreationDate))
- }
- }
- function get-logedonuser {
- param (
- [string]$computername = $env:COMPUTERNAME
- )
- Get-WmiObject -Class Win32_LogonSession -ComputerName $computername |
- foreach {
- $data = $_
- $id = $data.__RELPATH -replace """", "'"
- $q = "ASSOCIATORS OF {$id} WHERE ResultClass = Win32_Account"
- Get-WmiObject -ComputerName $computername -Query $q |
- select @{N="User";E={$($_.Caption)}},
- @{N="LogonTime";E={$data.ConvertToDateTime($data.StartTime)}}
- }
- }
Add Comment
Please, Sign In to add comment