Microsoft Tech Community
SOLVED

Devices are not showing logged on users

The environment is hybrid with devices being managed by Intune.

We are also using Microsoft Defender for Business so maybe that's why this feature isn't working.

On Settings > Endpoints > Advanced Features, the setting Show user details is enabled.

If I navigate to Device Inventory and click on any device, the Logged on users area says 0. It doesn't matter the time range or device, this status isn't being populated.

Is there a setting or requirement I'm missing to be able to see this?

8 Replies

@Marc Laflamme Did you ever figure this out? Same situation as you (Hybrid, Defender for Business) and ours shows the same - 0 logged on users.

Hey @MikeSlates, sorry no I did not. If I ever do I'll try to remember to update this thread.

I opened a Service Request with Microsoft. We'll see.
They always try to prune things down with Def for Business.
Or they'll say "this is part of Def for Identity".

Ridiculous...
Oh I have also recently discovered that there's a difference between them. I thought that because it included things from P1 and P2 then it would naturally act like P1 and P2 but nope! Yeah I really dislike how they treat it like something totally different.
best response confirmed by Marc Laflamme (Iron Contributor)
Solution
Sure enough, another little thing to keep us down.
Their reply:
"I have noticed that you are currently having Defender for Business. Defender for Business will not let you see the currently logged-on user of a device, can't see device groups, and detection rules. This is the reason why you are not seeing currently logged in users."

The logged on user shows in Intune. Why they can't show it in Defender is just stupid games. I asked for the documentation explicitly stating this limitation.
Wow that’s quite annoying! Really appreciate you posting the reason. I’m starting to feel pretty **bleep** because I was the one pushing to drop our existing platform and move to Defender because it was included with our M365 BP licenses and that it was basically P1 and parts of P2. I really wish more of these limitations were clearly stated. Their “what’s in DfB” chart that highlights parts of P1 and P2 needs to specify that just because all of the P1 features are included, it’s NOT DfE P1. Sigh.
Overall, I'm pretty happy with Defender for Business and the Intune management of the Security Baselines, ASR rules, Firewall, BitLocker, etc. It's all pretty solid.
It's the little things they do, like this, to keep this SKU different from P2. It's just annoying.
But it's also not even considered P1 (even though it has every bulleted feature). Take Device Groups for example (https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/machine-groups?view=o365-...). It requires Defender for Endpoint P1 or P2 but it does not work in DfB.