This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(41.6, 31%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVJ%3C/text%3E%3C/svg%3E)
checked for Primary Users/Resource Explorer for machines from SCCM Console and out of 20K machines, almost 16K machine having one of the primary user as 'MachineName\Local_Users'. Is this expected? Where is it coming from? is it because of the system account sccm uses for installation purpose?
No, it's not because of the system account uses for installation purposes.
A couple of guesses:
If you are totally on-prem, not Hybrid Intune, then it is exactly what it says on the tin: there are local users for that machine which login, and therefore "some local user" is the primary user of that machine, not a domain user.
If you are Hybrid Intune, then possibly 'who logs in' is an Azure ID, like Vikash.Joshi@YourAzure.edu
Since that is also 'not a domain (at least, not a traditional onprem domain)', CM also sees that as a 'local user'
My top guess because you have 16k like this... most likely you are intune hybrid, and 'who logs in, and therefore becomes the primary user' is an AzureID. one way to check this...
Select count(distinct resourceid)
from v_gs_system_console_user scu
where scu.SystemConsoleUser0 like '%@%'
and if the count is suspiciously close to 16k... then my guess is at least 51% plausible.
The REAL question is... "why do you care". Is there a business process around which you wanted to center Primary User ? What's the end goal? Maybe there is a different way to achieve your end goal, instead of using 'primary user' (which was designed 'back in the day', before Azure IDs were invented, so it's not really meant for that)
We are Totally On-Prem for now. Enabled Co-Management sometime back and have very few pilot users as now(Less than 100).
Regarding the question why do we care, someone from customer Side found this for a machine or 2 and asking for the reasons that why is it so? nothing impacted.
Adding to this, these are not the local users. The screenshot from my laptop where it is showing local_users but I haven't logged in till date with this user(Have used on Corp one till date).
If it doesn't affect any of your business processes, I wouldn't pursue it too deeply then. You can find the 'user' of a device by looking at current logged on user in the console, instead of primary user. Or (if you inventory that), can at least see the profiles that have been created (but not times used), or, if you inventory this... Recently Used Apps, and see who has recently launched something.
I understand having it "right there" in the console in a column is nice, but it's not the only method to see 'who actually uses this device"