Show all domain users on logon screen
hi there,
i have three users, who share a PC. PC is in a local windows domain. all three users a domain users and already logged in on this PC successfully.
PC has a local admin account.
How can i show all three users on the bottom left list in the login screen?
i tried already with
the local admin in gpedit:
Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options:
Interactive logon: Donβt display last signed-in: Disabled
Interactive logon: Donβt display username at sign-in: Disabled
Computer Configuration -> Administrative Templates -> System -> Logon:
Block user from showing account details on sign-in: Disabled
Do not enumerate connected users on domain-joined computer: Disabled
this doesnt work, still shows only the last (domain or local) user
and
Computer Configuration -> Administrative Templates -> System -> Logon:
Enumerate local users on domain-joined computers = Disabled
doesnt work too, this shows additional to the last user (as before), all local users (which in my case, is the local admin).
i searched already at
https://answers.microsoft.com/en-us/windows/forum/all/show-multiple-active-directory-users-on-win-10/9235b85f-9f5a-472d-b347-ac39f0ce8e66
https://answers.microsoft.com/en-us/windows/forum/all/show-all-domain-users-in-the-logon-screen/d9d53ce2-e13c-4613-9261-adbe3f8d7a0e
..and so on
but could found a working solution
hope someone can help, thanks
4 answers
-
Big Tom 0 Reputation points
Anyone figured how to do this?
I'm trying to display at least two domain accounts and Windows 10 Pro only displays the last user to log in plus Other User. What we want to do is display the last two domain accounts plus Other User, don't care about displaying local accounts.
Have this GPO set: Computer Configuration β Windows Settings β Security Settings β Local Policies β Security Options β Interactive logon: Number of previous logons to cache set to 10 and even thou the policy is applied the computer only displays the last domain account plus Other User.
-
Eric Conard 0 Reputation points
I know this is old but, here's what worked for me.
I used the Intune setup.
-
ft 81 Reputation points
hi eric, thank you for your help.
unfortunately, this doesnt solve the problem of domain users not being displayed.
i already tried the descripted (method1) in my initial post using gpedit (for on-premise active directory). intune is a different approach (cloud based active directory) to set the same entry ("Enumerate local users on domain-joined computers") in the group policy.
your solution is fixing the problem that by default all local users are displayed instead of only the most recently logged-in local users.
Sign in to comment -
-
Jope Geca 0 Reputation points
Hi, i'm facing the same issue, were you able to solve this?
-
ft 81 Reputation points
hey, unfortunately not.
-
Eric Conard 0 Reputation points
I got this working on cloud joined PCs and Intune.
the above has:
Computer Configuration -> Administrative Templates -> System -> Logon:
Enumerate local users on domain-joined computers = Disabled ```In my settings, I have that policy Enabled not Disabled You'll need to do this in the Domain GPO not Local machine
Sign in to comment -
-
Anonymous
Hello ft,
Thank you for posting in Q&A forum.
The settings should work.
Here is a similar thread with the same settings and it worked.
https://learn.microsoft.com/en-us/answers/questions/180091/windows-10-logon-show-multiple-accounts-on-logon-sYou can check all the settings are configured in the domain GPO.
Because domain GPO takes precedence over local G-Group Policy settings.I hope the information above is helpful.
If you have any questions or concerns, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
-
ft 81 Reputation points
hello Daisy,
i appreciate your answer, unfortunately it doesnt help.the link from 2020 shows the same settings I have already described and tried. the only difference (if this is relevant): their users are managed in Azure. we are using a local domain on a server 2016 and also an other test domain on a server 2022 in 2008R2 mode.
oh.. and forgot to mention: clients are win 10 pro.the domain GPO typically only takes precedence if these values are set (in this case the values are "not configured"). so that all domain users during testing dont experience unexpected effects, i am tinkering at the beginning with the local GPO.
nevertheless (you never know unless you try) i tried it also in the domain GPO,
(tried on both domains; currently PC is switched to the test domain)
but no success either.do you have any other ideas, cause i am at my wits end?
Sign in to comment -