Primary User - Windows
| 1 Votes |
Versioning - This is the latest version.
| 1 | Primary User - Windows | 9/1/2015 11:59:19 AM |
| 2 | Primary User - Windows | 1/25/2016 4:49:53 PM |
Description
This analysis attempts to identify the Primary User of the system.
Property Details
Properties
PrimaryUser Setting
Period
1 hour
| * Results in a true/false |
unique values of (it as string as trimmed string) of values of settings whose("PrimaryUser" = name of it) of clients
User with most logons
Period
6 hours
| * Results in a true/false |
unique values of names of users whose( logon count of it = maximum of logon counts of users )
Last Logged on User - Windows
Period
6 hours
| * Results in a true/false |
unique values of items 1 of (modification time of it,name of parent folder of it) whose( item 0 of it = ( maximum of modification times of files "NTUSER.DAT" of folders whose ( exists file "NTUSER.DAT" of it AND name of it as lowercase is not contained by set of ( "networkservice";"localservice";"administrator";"default";"public";"la-client";"OTHER_EXCLUDED_USERS" ) ) of (folders "c:\users"; folders "c:\Documents and Settings") ) ) of files "NTUSER.DAT" of folders whose ( exists file "NTUSER.DAT" of it AND name of it as lowercase is not contained by set of ( "networkservice";"localservice";"administrator";"default";"public";"la-client";"OTHER_EXCLUDED_USERS" ) ) of (folders "c:\users"; folders "c:\Documents and Settings")
Users
Period
6 hours
| * Results in a true/false |
("%22" & it & "%22") of concatenations "%22;%22" of unique values of (names of logged on users; names of users; names of current users; names of local users)
Users logged in (in BESClient Log - 30 days)
Period
12 hours
| * Results in a true/false |
unique values of (preceding texts of lasts "'" of following texts of firsts "User interface process started for user '" of it) of lines whose(it contains "User interface process started for user '") of files whose( (exists lines of it) AND (name of it as uppercase ends with ".LOG") AND ( (name of it starts with ((it as string) of ( current year )) ) OR (name of it starts with ((it as string) of ( current year - 1*year )) ) ) ) of folders "__Global/Logs" of ((data folder of client)|(folder "/var/opt/BESClient/__BESData")|(folder "/Library/Application Support/BigFix/BES Agent/__BESData")|(folder "__BESData" of parent folder of client))
User with the most logins (in BESClient Log)
Period
1 day
| * Results in a "string"/number |
(it) whose( multiplicity of it = maximum of multiplicities of unique values of (preceding texts of lasts "'" of following texts of firsts "User interface process started for user '" of it) of lines whose(it contains "User interface process started for user '") of files whose( (exists lines of it) AND (name of it as uppercase ends with ".LOG") AND ( (name of it starts with ((it as string) of ( current year )) ) OR (name of it starts with ((it as string) of ( current year - 1*year )) ) ) ) of folders "__Global/Logs" of (data folder of client) ) of unique values of (preceding texts of lasts "'" of following texts of firsts "User interface process started for user '" of it) of lines whose(it contains "User interface process started for user '") of files whose( (exists lines of it) AND (name of it as uppercase ends with ".LOG") AND ( (name of it starts with ((it as string) of ( current year )) ) OR (name of it starts with ((it as string) of ( current year - 1*year )) ) ) ) of folders "__Global/Logs" of (data folder of client)
Relevance
Sharing
| Social Media: |
