I've got a powershell script that acquires the last logged on users display name e.g. John Smith, and deploys it to a DeviceTagging key in the registry. This then makes the change on defender for endpoint where the display name is used as a tag for that specific device.
The script runs perfectly when run locally on a machine, however once deployed to Intune the $regpathvalue variable only has some of the variables present, with the LastLoggedOnUser variable missing Shown below is the code used for the variable generation
$regpath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI"
$regpathvalue = Get-ItemProperty -Path $regpath
$tagvalue = $regpathvalue.LastLoggedOnDisplayName
#Gets the lastLoggedOnDisplayName (being the first and last name of the logged in user) and sets it to $tagvalue e.g. John Smith
