I thought it would be valuable to summarize and compare the given answers.
If you want to access the **[environment variable][1]**:
---------------------------------------------------
*(easier/shorter/memorable option)*
- `[Environment]::UserName` -- @ThomasBratt
- `$env:username` -- @Eoin
- `whoami` -- @galaktor
*************
If you want to access the **[Windows access token][2]**:
----------------------------------------------------------
*(more dependable option)*
- `[System.Security.Principal.WindowsIdentity]::GetCurrent().Name` -- @MarkSeemann
***************
If you want the name of the logged in user
------------------------
(rather than the name of the user running the PowerShell instance)
- `$(Get-WMIObject -class Win32_ComputerSystem | select username).username` -- @TwonOfAn on [this other forum](
[To see links please register here]
)
****
Comparison
--------------
@Kevin Panko's comment on @Mark Seemann's answer deals with choosing one of the categories over the other:
> [The Windows access token approach] is the most secure answer, because $env:USERNAME can be altered by the user, but this will not be fooled by doing that.
In short, **the environment variable option is more succinct, and the Windows access token option is more dependable.**
I've had to use @Mark Seemann's Windows access token approach in a PowerShell script that I was running from a C# application with impersonation.
The C# application is run with my user account, and it runs the PowerShell script as a service account. Because of a limitation of the way I'm running the PowerShell script from C#, the PowerShell instance uses my user account's environment variables, even though it is run as the service account user.
In this setup, the environment variable options return my account name, and the Windows access token option returns the service account name (which is what I wanted), and the logged in user option returns my account name.
*****
Testing
--------
Also, if you want to compare the options yourself, here is a script you can use to run a script as another user. You need to use the Get-Credential cmdlet to get a credential object, and then run this script with the script to run as another user as argument 1, and the credential object as argument 2.
**Usage:**
$cred = Get-Credential UserTo.RunAs
Run-AsUser.ps1 "whoami; pause" $cred
Run-AsUser.ps1 "[System.Security.Principal.WindowsIdentity]::GetCurrent().Name; pause" $cred
**Contents of Run-AsUser.ps1 script:**
param(
[Parameter(Mandatory=$true)]
[string]$script,
[Parameter(Mandatory=$true)]
[System.Management.Automation.PsCredential]$cred
)
Start-Process -Credential $cred -FilePath 'powershell.exe' -ArgumentList 'noprofile','-Command',"$script"
(you may need a hyphen before `noprofile`, like so)
Start-Process -Credential $cred -FilePath 'powershell.exe' -ArgumentList '-noprofile','-Command',"$script"
[1]:
[To see links please register here]
[2]:
[To see links please register here]