How to show all users on Windows login screen

Windows 10 and 11 by default will only show the most recent signed in user, and currently signed in users. Kind of annoying for computers that are shared by a few others.

This can be changed to show all users that have signed in to the computer.

Requirements:

• Windows 10/11 Pro
• User account with administrative privileges

Method 1: Show all users via Local Group Policy Editor

To display all users added to a computer, follow these steps:

1. Click on the Start menu and search for "gpedit.msc"
2. Open "gpedit.msc"
3. Navigate to the following path: Computer Configuration -> Administrative Templates -> System -> Logon
4. Find the setting "Enumerate local users on domain-joined computers"
5. Enable this setting

Method 2: Configure via Intune (For Enterprise Environments)

For organizations using Microsoft Intune, this setting can be deployed across multiple devices using a configuration profile. This method requires administrative access to Microsoft Endpoint Manager.

Instructions to Create "Enumerate local users on domain-joined computers" Policy in Intune

1. Sign in to the Microsoft Endpoint Manager admin center.
2. Navigate to Devices Configuration profiles.
3. Click "Create profile".
4. For Platform, select "Windows 10 and later".
5. For Profile type, choose "Settings catalog".
6. In the list of templates, select "Administrative Templates".
7. Click "Create".
8. In the Basics tab:
   • Name: Enter "Show All Users on Login Screen"
   • Description: "Displays all previously signed-in users on the logon screen, including local and Entra ID/AzureAD users, for easier access on shared computers."
     
9. Click "Next".
10. In the Configuration settings tab:
    • Search for and select the setting "Enumerate local users on domain-joined computers"
    • Set the setting to "Enabled"
      
11. Click "Next".
12. In the Assignments tab:
    • Under Included groups, click "Add groups"
    • Select "All Devices"
    • Leave Filter and Filter mode as "None"
13. Click "Next".
14. In the Scope tags tab:
    • Leave the default scope tag selected
15. Review your settings and click "Create".

Note: After creation, you can monitor the policy's status:

• Device and user check-in status will show success and error counts
• Device assignment status shows all targeted devices, including pending assignments
• Per setting status allows you to view the configuration status of each setting across all devices and users