whoamiWHOAMI Command – Display Current User and Security Info in Windows
Learn how to use the WHOAMI command to display the current user name, group memberships, and privileges in Windows CMD. Guide covers syntax, /groups, /priv, and security troubleshooting.
The WHOAMI command is a Windows Command Prompt utility that displays the user name and security identifier (SID) of the currently logged-in user. Use WHOAMI for basic user identification, WHOAMI /groups to list group memberships, or WHOAMI /priv to view user privileges—essential for security auditing, script logic, and troubleshooting permission issues.
Whether you're a system administrator verifying user context before running elevated commands, a developer checking which account a script executes under, or an IT professional auditing access rights and group memberships, WHOAMI provides instant user identification without navigating through Control Panel or Settings. Security teams rely on WHOAMI for compliance audits, access verification, and troubleshooting "access denied" errors.
This comprehensive guide covers WHOAMI syntax, all parameters including /groups and /priv, practical examples for user verification and scripting, troubleshooting tips for common issues, related commands, and frequently asked questions. By the end, you'll confidently use WHOAMI for user identification and security verification in Windows environments.
What Is the WHOAMI Command?
The WHOAMI command is a built-in Windows utility that displays the current user's identity in various formats. It shows the user name in COMPUTERNAME\USERNAME format, and with optional switches displays group memberships, privileges, and logon ID. WHOAMI is available in Windows Vista and later, including Windows 10, Windows 11, and all Windows Server editions.
WHOAMI runs in Command Prompt (CMD), PowerShell, and batch files. It requires no special permissions to display basic user information—even standard users can run WHOAMI to see their own identity. The command helps verify which security context a process or script runs under, critical for troubleshooting permission errors and ensuring correct user context for administrative tasks.
WHOAMI vs Other User Commands
- WHOAMI: Quick user identity; built-in; no installation required
- NET USER: Manages user accounts; requires administrator for full functionality
- WHOAMI /USER: Shows SID; useful for scripting and security
- SYSTEMINFO: Shows registered owner; broader system context
Syntax
WHOAMI [/UPN | /FQDN | /LOGONID] [/USER] [/GROUPS] [/PRIV] [/ALL]
Parameters
| Parameter | Description |
|---|---|
| (none) | Displays domain\username of current user |
/UPN | Displays user principal name (user@domain) |
/FQDN | Displays fully qualified domain name |
/LOGONID | Displays logon ID |
/USER | Displays current user with SID |
/GROUPS | Displays group memberships |
/PRIV | Displays user privileges |
/ALL | Displays all user, group, and privilege information |
How to Use WHOAMI Command
Display Current User Name
Run WHOAMI without arguments to see the logged-in user:
WHOAMI
Output example:
DESKTOP-ABC123\User
Display Group Memberships
Use /groups to list all groups the current user belongs to:
WHOAMI /GROUPS
Output shows group names and SIDs. Useful for verifying domain group membership and troubleshooting access issues.
Display User Privileges
Use /priv to see privileges assigned to the current user:
WHOAMI /PRIV
Output shows privilege names, descriptions, and whether each is enabled. Essential for understanding why certain operations succeed or fail.
Display All Information
Use /all for comprehensive output combining user, groups, and privileges:
WHOAMI /ALL
Common Use Cases
-
Verify user context before admin tasks – Run WHOAMI before executing elevated commands to confirm you're under the expected account.
-
Troubleshoot access denied errors – Check group memberships and privileges when files or commands fail with permission errors.
-
Script user verification – Use WHOAMI in batch scripts to branch logic based on current user or verify script runs under correct account.
-
Security auditing – Document which user performed actions by including WHOAMI output in logs and audit trails.
-
Remote support – Have users run WHOAMI to quickly identify their account when troubleshooting permission issues.
-
Compliance documentation – Include WHOAMI output in access verification reports and compliance audits.
-
Domain vs local account detection – WHOAMI output format (DOMAIN\user vs COMPUTER\user) indicates domain or local account.
-
Privilege escalation verification – After using RUNAS, run WHOAMI to confirm the new user context.
-
Automated reporting – Redirect WHOAMI output to files for user context documentation in deployment scripts.
-
Service account verification – When troubleshooting services, run WHOAMI in the service context to verify which account it uses.
Tips and Best Practices
-
Use WHOAMI at script start – Log WHOAMI output at the beginning of scripts to document execution context for troubleshooting.
-
Combine with FIND – Filter WHOAMI output:
WHOAMI /GROUPS | FIND "Administrators"to check admin membership. -
Redirect for audit trails – Use
WHOAMI /ALL > user_context.txtto save user context for compliance. -
Verify after RUNAS – Run WHOAMI after using RUNAS to confirm the elevated context is active.
-
Check before sensitive operations – Always verify user context before modifying system files or registry.
-
Use /USER for SID in scripts – WHOAMI /USER provides SID for programmatic user identification.
-
Understand output format – COMPUTER\user = local; DOMAIN\user = domain account.
-
Run as Administrator when needed – Some privilege information may require elevated prompt for full visibility.
Troubleshooting Common Issues
WHOAMI Shows Unexpected User
Problem: WHOAMI displays a different user than expected.
Cause: Script or process may run under different credentials (scheduled task, service, RUNAS).
Solution: Check how the script was launched. Use WHOAMI at the start of the script to capture actual execution context. Verify scheduled task "Run as" setting.
Prevention: Document expected user context in script comments. Add WHOAMI to script logging.
WHOAMI /GROUPS Shows Limited Groups
Problem: Group list seems incomplete.
Cause: Token may not include all groups; some groups require re-logon to appear.
Solution: Log off and log back on to refresh group membership. For domain changes, wait for replication or run gpupdate /force.
Prevention: Allow time for group changes to propagate. Use WHOAMI /ALL for comprehensive output.
Access Denied Despite Admin Group
Problem: User is in Administrators group but gets access denied.
Cause: UAC may block elevation; process may run with filtered token.
Solution: Run Command Prompt "as Administrator" for full elevation. Check UAC settings. Verify with WHOAMI /PRIV that required privileges are enabled.
Prevention: Understand UAC and filtered admin tokens. Request elevation explicitly when needed.
Related Commands
RUNAS – Run as Different User
RUNAS executes programs under a different user account. Use RUNAS to elevate, then WHOAMI to verify the new context.
When to use: Elevation and privilege testing. See RUNAS command guide.
NET USER – User Account Management
NET USER displays and manages user accounts. WHOAMI shows current user; NET USER manages user database.
When to use: Account management vs. current user identification.
SYSTEMINFO – System Context
SYSTEMINFO shows registered owner and system details. WHOAMI shows logged-in user; SYSTEMINFO shows broader system info.
When to use: System identification vs. user identification.
HOSTNAME – Computer Name
HOSTNAME displays computer name. Combine with WHOAMI for full identification: HOSTNAME & WHOAMI.
When to use: Complete system and user identification.
Frequently Asked Questions
What does the WHOAMI command do?
WHOAMI displays the user name and security information of the currently logged-in user. Without parameters it shows COMPUTER\USER format. Use /groups for group memberships and /priv for privileges.
How do I check which user I'm logged in as?
Run WHOAMI in Command Prompt. The output shows your user name in COMPUTERNAME\USERNAME format. Use WHOAMI /ALL for complete user, group, and privilege information.
What is the difference between WHOAMI and WHOAMI /groups?
WHOAMI displays only the user name. WHOAMI /groups displays all group memberships including domain groups, local groups, and well-known SIDs.
How do I check if I have administrator privileges?
Run WHOAMI /GROUPS and look for "Administrators" or "BUILTIN\Administrators" in the output. Or run WHOAMI /PRIV to see enabled privileges. Running an elevated Command Prompt also indicates admin context.
Can WHOAMI show the domain user?
Yes. When logged in with a domain account, WHOAMI displays DOMAIN\username. When logged in locally, it shows COMPUTERNAME\username. Use WHOAMI /UPN for user@domain format.
How do I use WHOAMI in a batch script?
Use FOR /F to capture output: FOR /F "tokens=*" %%i IN ('WHOAMI') DO SET CURRENT_USER=%%i. Or redirect: WHOAMI > user.txt.
Does WHOAMI work in PowerShell?
Yes, WHOAMI works in PowerShell. For PowerShell-native user info, use $env:USERNAME or [System.Security.Principal.WindowsIdentity]::GetCurrent().Name.
Why does WHOAMI show different users in different windows?
Each Command Prompt window runs in its own process. If you used RUNAS in one window, that window shows the RUNAS user. Other windows show the original logon user.
How do I get the user SID with WHOAMI?
Use WHOAMI /USER to display the user name with its security identifier (SID). The SID appears in parentheses after the user name.
Can WHOAMI query remote computers?
No, WHOAMI only displays information for the local computer and current session. For remote user context, use PowerShell's Invoke-Command or WMI.
Quick Reference Card
| Command | Purpose | Example Use Case |
|---|---|---|
WHOAMI | Display current user | Quick user check |
WHOAMI /GROUPS | List group memberships | Verify admin membership |
WHOAMI /PRIV | Display privileges | Troubleshoot access |
WHOAMI /ALL | Full user info | Comprehensive audit |
WHOAMI /USER | User with SID | Scripting, automation |
WHOAMI > user.txt | Save to file | Audit documentation |
Try WHOAMI Command Now
Ready to practice user identification? Use our Windows Command Simulator to run WHOAMI commands in your browser. Practice WHOAMI, WHOAMI /groups, and WHOAMI /priv in a safe environment.
Explore the full Commands Reference for more Windows CMD utilities, including RUNAS for running as different user, SYSTEMINFO for system details, and HOSTNAME for computer identification.
Summary
The WHOAMI command provides instant user identification in Windows, displaying the current user name, group memberships, and privileges. Use WHOAMI for security verification, troubleshooting permission issues, and script logic that depends on user context. The command requires no parameters for basic use and offers /groups, /priv, and /all for detailed information. Combine WHOAMI with RUNAS to verify elevated context and with HOSTNAME for complete system identification. Master WHOAMI for effective user context verification in Windows administration and scripting.