logged on user

These Windows and Macintosh inspectors return information about the currently logged-on user. With the advent of Terminal Services and Fast User Switching, these inspectors are designed to iterate over all logged on users. Windows Note: If Terminal Services are available (NT/2000/2003/XP/Vista) and enabled, these inspectors iterate over the active and disconnected sessions as returned by WTSEnumerateSessions. Disconnected sessions are those where a user logs on, but is currently inactive. On Vista, the non-interactive session 0 (used for services isolation) is not included. If Terminal Services aren't available, the ACLs on the security descriptor of the "winsta0" window station are examined for user logons. On Windows 9x systems, these inspectors return the user session associated with the registry value "Current User" of "SYSTEM\CurrentControlSet\Control" if it exists. Otherwise, if a shell process process such as Explorer.exe is running, they return a single session associated with an unnamed user (which occurs when the user cancels the 9x login dialog).

Creation
Properties

Parent: user

Version	Platforms
8.0.584.0	Mac, Windows
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

Creation

current user : logged on user

Returns the active console (local) user, if logged on, otherwise returns "Does not exist". For all users that are logged on remotely, for instance through RDP, telnet, ssh, VNC, putty and so on, this inspector returns "Does not exist".

Plural: current users

Version	Platforms
8.0.584.0	Mac, Windows
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

permalink source

logged on user : logged on user

Returns zero or more users logged on to this computer. This inspector iterates through all logged-on users, using Fast User Switching, Terminal Services, ACLs, and on Win 9x, the registry.

Plural: logged on users

Version	Platforms
8.0.584.0	Mac, Windows
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

permalink source

logged on user of <user> : logged on user

Converts a user into a 'logged on' user type -- if and only if the specified user is currently logged in.

Plural: logged on users

Version	Platforms
8.1.535.0	Windows
8.2.1310.0	Mac

permalink source

Properties

active of <logged on user> : boolean

Returns True if the specified user session is active (either as a current Fast User or an active terminal services connection).

Plural: actives

Version	Platforms
8.0.584.0	Mac, Windows
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

permalink source

activity history of <logged on user> : activity history

Returns the activity history of the specified logged-on user. This.

Plural: activity histories

Version	Platforms
8.0.584.0	Windows

permalink source

name of <logged on user> : string

If Terminal Services is available and enabled under NT4/2000/2003/XP/Vista, this inspector returns the result of WTSQuerySessionInformation with WTSUserName. With Terminal Services disabled, it examines the ACLs on the security descriptor of the "winsta0" window station. Under Windows 9x, returns the "Current User" of "SYSTEM\CurrentControlSet\Control" if it exists. Otherwise returns No Such Object.

Plural: names

Version	Platforms
8.0.584.0	Windows
8.2.1078.0	AIX, Debian, HP-UX, Mac, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

permalink source

process id of <logged on user> : integer

Returns the process id number for the base session process for logged on users, usually the session manager.

Plural: process ids

Version	Platforms
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu

permalink source

remote of <logged on user> : boolean

Returns True if the user session is a remote terminal services connection.

Plural: remotes

Version	Platforms
8.0.584.0	Mac, Windows
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

permalink source

session id of <logged on user> : integer

No documentation exists.

Plural: session ids

Version	Platforms
8.2.1078.0	Mac, Windows

permalink source

session id of <logged on user> : string

Returns the session id, which uniquely identifies a logged on user session. A logged-on user is a subclass of a user, and adding the session id uniquely identifies the session.

Deprecated: This property was removed in version 8.1.653.0.

Plural: session ids

Version	Platforms
8.0.584.0	Mac

permalink source

sid of <logged on user> : security identifier

Returns the Security ID (SID) of the user associated with the session's primary access token. With Windows 2003/XP/Vista, this is determined by WTSQueryUserToken. With NT4/2000 it is determined by the apparent shell process running in the given session. This inspector may fail if run in a non-privileged context. The SID does not exist under Windows 9x.

Plural: sids

Version	Platforms
8.0.584.0	Windows

permalink source

tty of <logged on user> : string

Returns the name of the connection the user is on. Result is platform specific. Examples are: "Console", "RDP-Tcp#0", "pts/1", ":0"

Plural: ttys

Version	Platforms
8.2.1078.0	AIX, Debian, HP-UX, Mac, Red Hat, SUSE, Solaris, Ubuntu, Windows
9.5.13.130	Raspbian

permalink source

user key of <logged on user> : registry key

Returns the registry key of the specified logged on user

Plural: user keys

Version	Platforms
9.0.586.0	Windows

permalink source

user of <logged on user> : user

Returns a user object from a 'logged on' user. This is for Active Directory expressions to bridge the gaps between user types. This retains the domain information of the logged on user within the user object where other user types might not.

Plural: users

Version	Platforms
8.1.535.0	Mac, Windows
8.2.1078.0	AIX, Debian, HP-UX, Red Hat, SUSE, Solaris, Ubuntu
9.5.13.130	Raspbian

permalink source