→ 🚀What's New? Join Us for the Fall Product Launch! Register Now !
08-10-2021 04:33 PM
09-03-2024 08:21 AM
I have same issue, running 11.4.0.3
Autopilot/azure-ad joined machines are shown being part of "Workgroup" instead of the domain.
Would it possible to indicate somehow that the machine is azure-ad joined, even if the domain name is not possible to show?
09-03-2024 08:32 AM
We are currently migrating to Azure AD and are at 50%
Lansweeper became pretty useless for those devices in Azure AD. Very confusing reports.
Hope they will fix this soon.
08-14-2023 09:21 PM
Hello! We are migrating to Autopilot and Intune and joining our devices to AzureAD.
This will make Lansweeper not very useable for us if it can't see these machines anymore...
09-04-2023 02:43 PM
Hello,
This problem should have been resolved in Lansweeper version 10.3 and higher. It is assumed to be LAN-13956 in our changelog (https://www.lansweeper.com/changelog/ ).
If you would still encounter this problem with the latest version, please contact Support@lansweeper.com.
Thanks!
09-03-2024 07:15 AM
This issue is still not resolved.
We are running version v. 11.2.0.3 and still see our AAD Joined devices as "WORKGROUP" joined.
__PRESENT
__PRESENT
09-10-2024 06:18 PM
Actually, LAN-13956 was about Entra Id(Azure Ad) users being erroneously identified as WORKGROUP\username. That should have been fixed.
The assets are indeed still identified as being a member of WORKGROUP, because that's what they report back to us via the WMI calls. Currently, we only scan users and groups from Entra Id. See https://community.lansweeper.com/t5/scanning-your-network/scan-microsoft-entra-id-azure-ad-users-and... for more details.
09-11-2024 08:56 AM
I got mixed signals when I contacted support about this. To me it was suggested to enable user and group scan in Entra as a solution (though I couldn't understand how that would have fixed the issue).
I hope that Lansweeper acknowledges this issue as something serious. It honestly messes up all your reports and compliancy checks because you cannot distinguish domain joined, Azure AD joined and rogue (workgroup joined) devices.
It is true that WMI does return either the domain or Workgroup. But I guess Lansweeper could work around this by also querying the registry.
I have a PowerShell script where I query WMI and the registry for that info...
# Get the computer system information
$ComputerSystem = Get-WmiObject -Class Win32_ComputerSystem
# Initialize join type and description variables
$JoinType = "Unknown"
$JoinDescription = ""
# Check if the device is part of a domain
if ($ComputerSystem.PartOfDomain) {
# Check the domain role and output the domain name
switch ($ComputerSystem.DomainRole) {
0 {
$JoinType = "Standalone Workstation"
$JoinDescription = "The computer is not connected to a domain and operates as a standalone workstation in a workgroup."
}
1 {
$JoinType = "Member Workstation"
$JoinDescription = "The computer is part of the domain '$($ComputerSystem.Domain)' and operates as a workstation managed by a domain controller."
}
2 {
$JoinType = "Standalone Server"
$JoinDescription = "The computer is a standalone server, not part of a domain."
}
3 {
$JoinType = "Member Server"
$JoinDescription = "The computer is part of the domain '$($ComputerSystem.Domain)' and operates as a server managed by a domain controller."
}
4 {
$JoinType = "Backup Domain Controller"
$JoinDescription = "The computer is a backup domain controller in the domain '$($ComputerSystem.Domain)'. It helps manage domain authentication and services."
}
5 {
$JoinType = "Primary Domain Controller"
$JoinDescription = "The computer is the primary domain controller in the domain '$($ComputerSystem.Domain)'. It is responsible for managing domain resources, authentication, and policies."
}
}
}
else {
# Check if the device is Azure AD joined by querying the correct registry key
$RegistryPath = "HKLM:\SOFTWARE\Microsoft\Enrollments"
$Enrollments = Get-ChildItem -Path $RegistryPath -ErrorAction SilentlyContinue
$AzureADJoined = $false
foreach ($Enrollment in $Enrollments) {
$EnrollmentPath = $Enrollment.PSPath
$JoinTypeKey = Get-ItemProperty -Path $EnrollmentPath -ErrorAction SilentlyContinue
# Check if the enrollment is related to Azure AD
if ($JoinTypeKey -and $JoinTypeKey.AADTenantID -ne $null) {
$AzureADJoined = $true
break
}
}
# Set the join type based on the registry check
if ($AzureADJoined) {
$JoinType = "Azure AD Joined"
$JoinDescription = "The device is joined to Azure Active Directory."
}
else {
# If not Azure AD joined, assume it's a Workgroup device
$JoinType = "Workgroup"
$JoinDescription = "The computer is not part of a domain or Azure AD, and is in a workgroup."
}
}
# Output the join type and description
$JoinType
$JoinDescription
__PRESENT
01-26-2023 02:01 PM
Hi,
I would like to know if you managed to solve this problem, or if the Lansweeper support helped with a solution, because I am facing the same error with my device
Thanks
01-24-2022 01:08 PM
WANOLOIS wrote:
Hi,
LsAgent doesn't seem to recognise the domain on Azure AD joined laptops, and displays the logged on user as WORKGROUP\username.
Is there a way to correct this or will LsAgent fix this in the future and recognise the device and users are part of an Azure AD domain?
Thanks!
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now