![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
To determine on which device Windows Hello for Business is configured for a user via PowerShell, you generally need to check for its provisioning details. These are stored locally on each device, and WHfB is user-specific and device-bound. While there's no central PowerShell command that lists "this device has WHfB for this user" across the network, you can check on a local device whether WHfB is configured for the current user using the Get-WmiObject or dsregcmd tool and registry checks.
Try running this script locally to checks if WHfB is provisioned for the current user:
$dsregOutput = dsregcmd /status
$whfbLine = $dsregOutput | Where-Object { $_ -match "Windows Hello for Business" }
if ($whfbLine -match "Configured\s*:\s*Yes") {
Write-Output "Windows Hello for Business is configured on this device for the current user."
} else {
Write-Output "Windows Hello for Business is NOT configured on this device for the current user."
}
You can expand this script to include hostname or logged-in user info:
$computerName = $env:COMPUTERNAME
$userName = $env:USERNAME
$dsregOutput = dsregcmd /status
$whfbLine = $dsregOutput | Where-Object { $_ -match "Windows Hello for Business" }
if ($whfbLine -match "Configured\s*:\s*Yes") {
Write-Output "[$computerName] WHfB is configured for user: $userName"
} else {
Write-Output "[$computerName] WHfB is NOT configured for user: $userName"
}
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin