Showing results for 
Show  only  | Search instead for 
Did you mean: 
Not applicable
This might sound crazy, but why don't you try to make the scan of HKCU work, at least for domain users?

I had to do this right now in Autoit, and it works:
1 - using function LookoutAccountSid, I get the current logged on SID
2 - the current logged on user can be read depending on the OS:
- for x64 from HKLM64\Software\Microsoft\Windows\CurrentVersion\Authentication\LogonUI, LastLoggedOnUser
- for x86 from HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\, AltDefaultUserName

Then you scan the HKU\SID\ part. Does this make any sense to be implemented? If you ask me, yes it does. 🙂

Not applicable
When the scan is done is because a user has just logged on, so the LastLoggedOnUser will change, multiple logons will reflect that, the user will change but the computer is the same. When I make a scan the scan will reflect all that, for me it's acceptable and it's better to have this than have nothing, what do you think?

When someone asks me something like "please check what office languages are being used" - I only have to add a registry scan and create reports accordingly. The greatest thing is that now I can force a full scan and have the data immediately. Several users will show up on the same computer, that's acceptable and reflects the real thing.
Lansweeper Alumni
How should lansweeper handle the following when scanning HKCU:
(delete old information, add new information, ...)

1) no user is logged on.
2) multiple users are logged on.
3) a different user is logged on as last time.