Policy

Enumerate local users on domain-joined computers

Microsoft Windows

Back to LogonBack to main
Enumerate local users on domain-joined computers
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
System > Logon
Supported on
At least Windows Server 2012, Windows 8 or Windows RT

Supported OS tags: Windows10, Windows10RT, Windows11, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2012, WindowsServer2012R2, WindowsServer2016

This policy setting allows local users to be enumerated on domain-joined computers. If you enable this policy setting, Logon UI will enumerate all local users on domain-joined computers. If you disable or do not configure this policy setting, the Logon UI will not enumerate local users on domain-joined computers.

Internal name
EnumerateLocalUsers
Policy ID
b6ed3886ec5f
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
Software\Policies\Microsoft\Windows\System
Value name
EnumerateLocalUsers
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
Software\Policies\Microsoft\Windows\System
Value name
EnumerateLocalUsers
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.