Get user details of a subsystem

Welcome Forums General PowerShell Q&A Get user details of a subsystem

This topic contains 3 replies, has 3 voices, and was last updated by

 
Participant
6 months, 1 week ago.

  • Author
    Posts
  • #101698

    Participant
    Points: 12
    Rank: Member

    Hi Folks,
    Is there a way of extracting the user details of all subsystems (OS and the applications installed on them)?
    My issue is to extract the user details of the OS ( has been fixed). I need to find the user credentials for applications hosted on the OS like IIS for an example.
    Also the OS are different.. Linux, AIX, Windows.

    Any help will be highly appreciated.
    Thanks.

  • #101700

    Participant
    Points: 307
    Helping Hand
    Rank: Contributor

    Where is the code that you have tried and that is not working or having errors?
    What user details?
    What do you mean user creds?

    You cannot get user passwords. You can get user profile information. Apps in general, on Windows are assigned to the machine, only settings are applied to a user.

    There is no canned way to do this. Each OS stores its user data differently and you need to know how that it even before you'd begin this task.

    If you are after IIS info, that is what the WebAdministration module on IIS is for.

    So, break your task into steps. Example:
    Attack each step one at a time to be sure you are getting what you need.
    Where is user info stored – try and get to it locally first, then remotely
    Where is app information stored – try and get to it locally first, then remotely
    Where is user app config stored – try and get to it locally first, then remotely
    Where is app service information stored. – try and get to it locally first, then remotely
    Stream line into a script. – try and get to it locally first, then remotely

  • #101733
    js

    Participant
    Points: 302
    Helping Hand
    Rank: Contributor

    What have you tried so far? Maybe this would help:

    get-process -includeusername
  • #101764

    Participant
    Points: 307
    Helping Hand
    Rank: Contributor

    8^}
    Nope that does not help. All that does is get whatever processes are currently running on the user system.

    Yes, this will tell you what apps (in a process) are running and the user who is using it, but that is not what you post is asking for.

    For example, on IIS, it will always shows as the app identity configured for the IIS app, not the user using the app. To determine if a user is using an IIS app, you have to look to the dev to trap for that, or look at event log info on log on attempts for the IIS app.

    So, again, you really need to step back a moment and identify all the particulars in order that you are after and attack them one at a time.

The topic ‘Get user details of a subsystem’ is closed to new replies.