Collection of User Context Information

When the Hardware Inventory Agent runs on clients, it runs in the context of the local system account. The agent queries WMI for required data using that context. In some cases (such as environment variables), WMI returns data for all user profiles defined on the computer. In other cases (for example, any file or print shares the user has connected to), WMI returns data for the context in which the data is requested, as opposed to the currently logged-on user. Data collected by hardware inventory might not include the details you expected it to collect. In the example of file and print shares, SMS hardware inventory does not include the user's share connections, because the hardware inventory agent does not run in the user account's context.

A similar issue exists when software inventory encounters encrypted files. Because software inventory is not running in the user's context, files that can be decrypted only by the user cannot be inventoried by SMS. Encrypted files can only have product details inventoried and are collected by SMS when the local system account (or a group that contains the local system account) is given administrative rights to the files.

You can work around this issue by writing a script to store the desired data, and then run that script in the user's context. The script could be run as an SMS advertised program. Using a hardware inventory extension, you can configure hardware inventory to collect that data. For more information about hardware inventory extensions, see Chapter 3, "Advanced Inventory Collection."

For More Information

Did you find this information useful? Please send your suggestions and comments about the documentation to smsdocs@microsoft.com.