KB – Report the current logged in user
Since Workspace ONE is not able to switch the enrollment user for now (changes are coming), you might want to have an overview when a different user is logged in.
If there is another user logged in which is not the enrollment user, there are some commands not executed – see HERE.
To get the current logged in user you can run this PowerShell script in system context:
$quserResult = quser /server:$computer 2>&1
If ( $quserResult.Count -gt 0 )
{
$quserRegex = $quserResult | ForEach-Object -Process { $_ -replace '\s{2,}',',' }
$quserObject = $quserRegex | ConvertFrom-Csv
$userSession = $quserObject | Where-Object -FilterScript { $_.State -eq 'Active' }
$UserName = $userSession.USERNAME
}
return $UserNameAnd if you want to have a check if the current logged-in user is the same (or a different) user as the enrollment user, you can run this PowerShell script in system context:
$quserResult = quser /server:$computer 2>&1
If ( $quserResult.Count -gt 0 )
{
$quserRegex = $quserResult | ForEach-Object -Process { $_ -replace '\s{2,}',',' }
$quserObject = $quserRegex | ConvertFrom-Csv
$userSession = $quserObject | Where-Object -FilterScript { $_.State -eq 'Active' }
$UserName = $userSession.USERNAME
}
$CurrentUser = (Get-WmiObject -Class win32_userAccount | Where-Object {$_.Name -eq $UserName}).SID
#Search enrollment
$ParentPath = (Get-ChildItem -Path HKLM:\SOFTWARE\Microsoft\Enrollments -Recurse | Where-Object {$_.Name -like "*Airwatch*"}).PSParentPath
if($ParentPath)
{
$MDMID = Split-Path $ParentPath -Parent | Split-Path -Leaf
$MDMEnrollmentSID = Get-ItemPropertyValue "HKLM:\SOFTWARE\Microsoft\Enrollments\$($MDMID)" -Name SID
if($MDMEnrollmentSID -like "*$CurrentUser*")
{
return $True
}
else{return $false}
}
else{return $false}After you created the sensors, you can create an intelligent report for better visibility.
Written by
Empowering customers in client management since 2012.
Empowering customers in modern management since 2018.
