The Win32_NetworkLoginProfileâWMI class represents the network login information of a specific user on a computer system running Windows. This includes, but is not limited to password status, access privileges, disk quotas, and logon directory paths.
Methods
Win32_NetworkLoginProfile has no methods.
Properties
Win32_NetworkLoginProfile returns 9 properties:
'AccountExpires','AuthorizationFlags','BadPasswordCount','Caption','CodePage',
'Comment','CountryCode','Description','Flags'
Unless explicitly marked as writeable, all properties are read-only. Read all properties for all instances:
Get-CimInstance -ClassName Win32_NetworkLoginProfile -Property *
Most WMI classes return one or more instances.
When
Get-CimInstance
returns no result, then apparently no instances of class Win32_NetworkLoginProfile exist. This is normal behavior.Either the class is not implemented on your system (may be deprecated or due to missing drivers, i.e. CIM_VideoControllerResolution), or there are simply no physical representations of this class currently available (i.e. Win32_TapeDrive).
AccountExpires
Account will expire. This value is calculated from the number of seconds elapsed since 00:00:00, January 1, 1970, and is set in this format: yyyymmddhhmmss.mmmmmm sutc.
Example: 20521201000230.000000 000
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property AccountExpires
AuthorizationFlags
Set of flags that specify the resources a user is authorized to use or modify.
1 (0x1)
Printer
2 (0x2)
Communication
4 (0x4)
Server
8 (0x8)
Accounts
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property AuthorizationFlags
BadPasswordCount
Number of times the user enters a bad password when logging on to a computer system running Windows.
Example: 0
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property BadPasswordCount
Caption
Short textual description of the current object.
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property Caption
CodePage
Code page for the user’s language of choice. A code page is the character set used.
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property CodePage
Comment
Comment or description for this logon profile.
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property Comment
CountryCode
Country/region code for the user’s language of choice.
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property CountryCode
Description
Textual description of the current object.
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property Description
Flags
The properties available to this network profile.
Properties that can be set include:
1 (0x1)
Script
A logon script executed. This value must be set for LAN Manager 2.0.
2 (0x2)
Account Disabled
The user’s account is disabled.
8 (0x8)
Home Directory Required
A home directory is required.
16 (0x10)
Lockout
The account is currently locked out. For NetUserSetInfo, this value can be cleared to unlock a previously locked account. This value cannot be used to lock a previously unlocked account.
32 (0x20)
Password Not Required
No password is required.
64 (0x40)
Password Cannot Change
The user cannot change the password.
128 (0x80)
Encrypted Test Password Allowed
256 (0x100)
Temp Duplicate Account
An account for users whose primary account is in another domain. This account provides user access to this domain, but not to any domain that trusts this domain. The User Manager refers to this account type as a local user account.
512 (0x200)
Normal Account
Default account type that represents a typical user.
2048 (0x800)
Interdomain Trust Account
A permit to a trust account for a domain that trusts other domains.
4096 (0x1000)
Workstation Trust Account
A computer account for a Windows workstation or server that is a member of this domain.
8192 (0x2000)
Server Trust Account
A computer account for a backup domain controller that is a member of this domain.
65536 (0x10000)
Do Not Expire Password
131072 (0x20000)
MNS Logon Account
Majority Node Set (MNS) logon account type that represents an MNS user.
262144 (0x40000)
Smartcard Required
524288 (0x80000)
Trusted for Delegation
1048576 (0x100000)
Not Delegated
2097152 (0x200000)
Use DES Key Only
4194304 (0x400000)
Do Not Require Preauthorization
8388608 (0x800000)
Password Expired
Indicates that the password has expired.
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property Flags
Examples
List all instances of Win32_NetworkLoginProfile
Get-CimInstance -ClassName Win32_NetworkLoginProfile
Learn more about Get-CimInstance
and the deprecated Get-WmiObject
.
View all properties
Get-CimInstance -ClassName Win32_NetworkLoginProfile -Property *
View key properties only
Get-CimInstance -ClassName Win32_NetworkLoginProfile -KeyOnly
Selecting Properties
To select only some properties, pipe the results to Select-Object -Property a,b,c
with a comma-separated list of the properties you require. Wildcards are permitted.
Get-CimInstance
always returns all properties but only retrieves the ones that you specify. All other properties are empty but still present. That’s why you need to pipe the results into Select-Object
if you want to limit the visible properties, i.e. for reporting.
Selecting Properties
The code below lists all available properties. Remove the ones you do not need:
$properties = 'AccountExpires',
'AuthorizationFlags',
'BadPasswordCount',
'Caption',
'CodePage',
'Comment',
'CountryCode',
'Description',
'Flags'
Get-CimInstance -ClassName Win32_NetworkLoginProfile | Select-Object -Property $properties
Limiting Network Bandwidth
If you work remotely, it makes sense to limit network bandwidth by filtering the properties on the server side, too:
Get-CimInstance -Class Win32_NetworkLoginProfile -Property $property |
Select-Object -Property $property
Selecting Instances
To select some instances, use Get-CimInstance and a WMI Query. The wildcard character in WMI Queries is % (and not “*”).
The parameter -Filter runs a simple query.
Listing all instances where the property Caption starts with “A”
Get-CimInstance -Class Win32_NetworkLoginProfile -Filter 'Caption LIKE "a%"'
Using a WQL Query
The parameter -Query uses a query similar to SQL and combines the parameters -Filter and -Property. This returns all instances where the property Caption starts with “A”, and returns the properties specified:
Get-CimInstance -Query "SELECT Description, Flags, AccountExpires, Comment FROM Win32_NetworkLoginProfile WHERE Caption LIKE 'a%'"
Any property you did not specify is still present but empty. You might need to use
Select-Object
to remove all unwanted properties:Get-CimInstance -Query "SELECT Description, Flags, AccountExpires, Comment FROM Win32_NetworkLoginProfile WHERE Caption LIKE 'a%'" | Select-Object -Property Description, Flags, AccountExpires, Comment
Accessing Remote Computers
To access remote systems, you need to have proper permissions. User the parameter -ComputerName to access one or more remote systems.
Authenticating as Current User
# one or more computer names or IP addresses:
$list = 'server1', 'server2'
# authenticate with your current identity:
$result = Get-CimInstance -ClassName Win32_NetworkLoginProfile -ComputerName $list
$result
Authenticating as Different User
Use a CIMSession object to authenticate with a new identity:
# one or more computer names or IP addresses:
$list = 'server1', 'server2'
# authenticate with a different identity:
$cred = Get-Credential -Message 'Authenticate to retrieve WMI information:'
$session = New-CimSession -ComputerName $list -Credential $cred
$result = Get-CimInstance Win32_NetworkLoginProfile -CimSession $session
# remove the session after use (if you do not plan to re-use it later)
Remove-CimSession -CimSession $session
$result
Learn more about accessing remote computers.
Requirements
To use Win32_NetworkLoginProfile, the following requirements apply:
PowerShell
Get-CimInstance
was introduced with PowerShell Version 3.0, which in turn was introduced on clients with Windows 8 and on servers with Windows Server 2012.
If necessary, update Windows PowerShell to Windows PowerShell 5.1, or install PowerShell 7 side-by-side.
Operating System
Win32_NetworkLoginProfile was introduced on clients with Windows Vista and on servers with Windows Server 2008.
Namespace
Win32_NetworkLoginProfile lives in the Namespace Root/CIMV2. This is the default namespace. There is no need to use the -Namespace parameter in Get-CimInstance
.
Implementation
Win32_NetworkLoginProfile is implemented in CIMWin32.dll and defined in CIMWin32.mof. Both files are located in the folder C:\Windows\system32\wbem
:
explorer $env:windir\system32\wbem
notepad $env:windir\system32\wbem\CIMWin32.mof