I have had this question again and again and again… and again…

Unfortunately the orchestration console does not show which user did trigger the runbook.

But this does not mean that it is not logged, you can actually use it as a filter in the console:



The user SID is in the “CreatedBy” field, but if you check the database, only the SID is saved.

So you will have to use the user objectSID in the filter, if you want to filter the jobs.


But this makes it possible for us to get the user info from the SID.

By using a clever SQL query, we can use the runbook process ID and runbook name to get the correct job. (since this is what we have available in the runbook)


The runbook:



  1. Receive runbook name and process ID
  2. Query the database for the user SID
  3. Use powershell to get samaccountname from sid (only current domain is supported. No active directory module needed)
  4. Return Sam Account Name
  5. If the sid is S-1-5-500, it has been triggered from the Runbook Designer and the runbook returns a string and not the sam account name

Testing / Using the runbook:


Please notice that the link out of the “invoke Runbook” activity will exclude if the result is the system sid and will not send an email

Download from TechNet Gallery:



This is only intended as a proof of concept, runbook might not be ready for production.