Gather User Account Name during IPU

This came about because we wanted to confirm the user account that initiated the upgrade in software center.  This script will then capture that information into a TS Variable, and can then be written to Registry / WMI using our collect information script that runs.  Both the Script and the Step in the TS have conditions on them, where it looks for _SMSTSUserStarted to be “True”

Note, this is for the interactive console user, if you have VM’s they users RDP into, you’d have to change the “Type” from 2 .. to I think 10.  More info about this process on the page where I stole most of the code from:



Code: Set-IPU_UserAccountTSVar.ps1

 #Get Logged On User and place into TS Variable, if the TS was initiated by a user
 #Most of code to get the user was stolen from:
 #Modified by @gwblok (GARYTOWN.COM)
 #This script is designed to be used with the SetInfo Script for WaaS

 $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
 if ($tsenv.Value("_SMSTSUserStarted") -eq "True")
            $regexa = '.+Domain="(.+)",Name="(.+)"$' 
            $regexd = '.+LogonId="(\d+)"$' 
            $logon_sessions = @(gwmi win32_logonsession -ComputerName $env:COMPUTERNAME) 
            $logon_users = @(gwmi win32_loggedonuser -ComputerName $env:COMPUTERNAME) 
            $session_user = @{} 
            $logon_users |% { $_.antecedent -match $regexa > $nul ;$username = $matches[2] ;$_.dependent -match $regexd > $nul ;$session = $matches[1] ;$session_user[$session] += $username } 
            $currentUser = $logon_sessions |%{ 
                $loggedonuser = New-Object -TypeName psobject 
                $loggedonuser | Add-Member -MemberType NoteProperty -Name "User" -Value $session_user[$_.logonid] 
                $loggedonuser | Add-Member -MemberType NoteProperty -Name "Type" -Value $_.logontype
                $loggedonuser | Add-Member -MemberType NoteProperty -Name "Auth" -Value $_.authenticationpackage 
                ($loggedonuser  | where {$_.Type -eq "2" -and $_.Auth -eq "Kerberos"}).User 
            $currentUser = $currentUser | select -Unique
            $tsenv.Value('IPU_UserAccount') = $CurrentUser

Then in conjunction with the Set Info Script, it will record to registry / WMI



2 thoughts on “Gather User Account Name during IPU”

  1. I was coming over to garytown to take a peak at your post on getting rid of MDT and saw this. Interesting that I was trying to figure out this same thing a few weeks ago and found a different solution. I deconstructed the PSADT and used their code to do the same thing. Your code above returns multiple users if anything is launched and running with a ‘Run As’ in my quick testing. In using the PSADT, they get a nice usable object. I’ve been having good success with this..

    $scriptPath = split-path -parent $MyInvocation.MyCommand.Definition
    [string[]]$ReferencedAssemblies = ‘System.Drawing’, ‘System.Windows.Forms’, ‘System.DirectoryServices’
    Add-Type -Path “$scriptPath\AppDeployToolkitMain.cs” -ReferencedAssemblies $ReferencedAssemblies
    $tsenv = New-Object -COMObject Microsoft.SMS.TSEnvironment
    $tsenv.Value(“ConsoleUser”) = “$($user.UserName)”
    Write-host “Not running a TS. Would set variable [ConsoleUser] to [$($User.UserName)]”

    AppDeployToolkitMain.cs is found in the toolkit.


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.