Identifying logged on users
There may be instances where you need to identify users that are logged in to your systems. When a user logs into your computer, they create an interactive session with your system. This spawns processes under that username as the process owner. Additionally, when you create a service account to start services on a system, the underlying processes run as that service account. Given that both methods invoke processes, the best method to determine currently logged on users is to evaluate the running processes.
In addition to identifying the logged in users, you will need to filter out the built-in Windows accounts. To perform this, you can create a switch statement to make multiple evaluations of the process owner. If the process owner username is NETWORK SERVICE, LOCAL SERVICE, $null, or SYSTEM, you can skip reporting the username. If it doesn't match any of these values, it will use the default switch and report the user to a list. Since multiple processes run...
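The process-owner approach described above, written out as an added example (this is not code from the original page). The function name Get-LoggedOnUser and the output property names are assumptions chosen for illustration; the example also prefixes each account with its domain and keeps one entry per account.

```powershell
# Added example, not from the original page. Get-LoggedOnUser is a hypothetical name.
# Run from an elevated prompt: without admin rights GetOwner cannot read other
# accounts' processes and returns no user, which falls into the $null case below.
function Get-LoggedOnUser {
    # Case-insensitive set so each account is reported once, however many
    # processes it owns.
    $seen = [System.Collections.Generic.HashSet[string]]::new(
        [System.StringComparer]::OrdinalIgnoreCase)

    foreach ($proc in Get-CimInstance -ClassName Win32_Process) {
        # A process may exit between enumeration and this call; the error is
        # suppressed and $owner stays $null.
        $owner = Invoke-CimMethod -InputObject $proc -MethodName GetOwner `
            -ErrorAction SilentlyContinue

        switch ($owner.User) {
            # Built-in accounts and unreadable owners are skipped.
            'NETWORK SERVICE' { break }
            'LOCAL SERVICE'   { break }
            'SYSTEM'          { break }
            $null             { break }
            default {
                # Keep the domain so a local account and a domain account
                # with the same name stay distinguishable.
                $account = '{0}\{1}' -f $owner.Domain, $owner.User
                if ($seen.Add($account)) {
                    [pscustomobject]@{
                        Account        = $account
                        ExampleProcess = $proc.Name
                        ProcessId      = $proc.ProcessId
                    }
                }
            }
        }
    }
}

Get-LoggedOnUser | Sort-Object Account | Format-Table -AutoSize
```

On current Windows versions, virtual accounts such as DWM-1 and UMFD-0 also own processes and will appear in the output unless they are added to the skip list.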