aseigler/Get-WindowsHelloBiometricStats.ps1

## Get-WindowsHelloBiometricStats.ps1
# From winbio_types.h
[Flags()] enum WinBioTypes
{
	WINBIO_TYPE_MULTIPLE = 0x00000001
	WINBIO_TYPE_FACIAL_FEATURES = 0x00000002
	WINBIO_TYPE_VOICE = 0x00000004
	WINBIO_TYPE_FINGERPRINT = 0x00000008
	WINBIO_TYPE_IRIS = 0x00000010
	WINBIO_TYPE_RETINA = 0x00000020
	WINBIO_TYPE_HAND_GEOMETRY = 0x00000040
	WINBIO_TYPE_SIGNATURE_DYNAMICS = 0x00000080
	WINBIO_TYPE_KEYSTROKE_DYNAMICS = 0x00000100
	WINBIO_TYPE_LIP_MOVEMENT = 0x00000200
	WINBIO_TYPE_THERMAL_FACE_IMAGE = 0x00000400
	WINBIO_TYPE_THERMAL_HAND_IMAGE = 0x00000800
	WINBIO_TYPE_GAIT = 0x00001000
	WINBIO_TYPE_SCENT = 0x00002000
	WINBIO_TYPE_DNA = 0x00004000
	WINBIO_TYPE_EAR_SHAPE = 0x00008000
	WINBIO_TYPE_FINGER_GEOMETRY = 0x00010000
	WINBIO_TYPE_PALM_PRINT = 0x00020000
	WINBIO_TYPE_VEIN_PATTERN = 0x00040000
	WINBIO_TYPE_FOOT_PRINT = 0x00080000
}

function Get-WindowsHelloBiometricStats
{
    Begin {
        $users = Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WinBio\AccountInfo -Exclude .DEFAULT
        $Results = @()
    }
    Process {
        foreach ($user in $users)
        {
            $objSID = New-Object System.Security.Principal.SecurityIdentifier ($user.PSChildName)
            $username = $objSID.Translate([System.Security.Principal.NTAccount]).Value
            $enrolledFactors = [WinBioTypes] (Get-ItemPropertyValue $user.PSPath -Name "EnrolledFactors")
            $enrolledTime = [datetime]::FromFileTime((Get-ItemPropertyValue $user.PSPath -Name "BioEnrolledTime")).ToString()
            $lastUsedTime = [datetime]::FromFileTime((Get-ItemPropertyValue $user.PSPath -Name "LastBioUseTime")).ToString()
            #$protectorUpdateNeeded = Get-ItemPropertyValue $user.PSPath -Name "ProtectorUpdateNeeded"
            #$virtualSecureModeFactors = Get-ItemPropertyValue $user.PSPath -Name "VirtualSecureModeFactors"
            $Results += $username, $enrolledFactors, $enrolledTime, $lastUsedTime#, $protectorUpdateNeeded, $virtualSecureModeFactors
        }
    }
    End {
        return $Results
    }
}
	# From winbio_types.h
	[Flags()] enum WinBioTypes
	{
	WINBIO_TYPE_MULTIPLE = 0x00000001
	WINBIO_TYPE_FACIAL_FEATURES = 0x00000002
	WINBIO_TYPE_VOICE = 0x00000004
	WINBIO_TYPE_FINGERPRINT = 0x00000008
	WINBIO_TYPE_IRIS = 0x00000010
	WINBIO_TYPE_RETINA = 0x00000020
	WINBIO_TYPE_HAND_GEOMETRY = 0x00000040
	WINBIO_TYPE_SIGNATURE_DYNAMICS = 0x00000080
	WINBIO_TYPE_KEYSTROKE_DYNAMICS = 0x00000100
	WINBIO_TYPE_LIP_MOVEMENT = 0x00000200
	WINBIO_TYPE_THERMAL_FACE_IMAGE = 0x00000400
	WINBIO_TYPE_THERMAL_HAND_IMAGE = 0x00000800
	WINBIO_TYPE_GAIT = 0x00001000
	WINBIO_TYPE_SCENT = 0x00002000
	WINBIO_TYPE_DNA = 0x00004000
	WINBIO_TYPE_EAR_SHAPE = 0x00008000
	WINBIO_TYPE_FINGER_GEOMETRY = 0x00010000
	WINBIO_TYPE_PALM_PRINT = 0x00020000
	WINBIO_TYPE_VEIN_PATTERN = 0x00040000
	WINBIO_TYPE_FOOT_PRINT = 0x00080000
	}

	function Get-WindowsHelloBiometricStats
	{
	Begin {
	$users = Get-ChildItem HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WinBio\AccountInfo -Exclude .DEFAULT
	$Results = @()
	}
	Process {
	foreach ($user in $users)
	{
	$objSID = New-Object System.Security.Principal.SecurityIdentifier ($user.PSChildName)
	$username = $objSID.Translate([System.Security.Principal.NTAccount]).Value
	$enrolledFactors = [WinBioTypes] (Get-ItemPropertyValue $user.PSPath -Name "EnrolledFactors")
	$enrolledTime = [datetime]::FromFileTime((Get-ItemPropertyValue $user.PSPath -Name "BioEnrolledTime")).ToString()
	$lastUsedTime = [datetime]::FromFileTime((Get-ItemPropertyValue $user.PSPath -Name "LastBioUseTime")).ToString()
	#$protectorUpdateNeeded = Get-ItemPropertyValue $user.PSPath -Name "ProtectorUpdateNeeded"
	#$virtualSecureModeFactors = Get-ItemPropertyValue $user.PSPath -Name "VirtualSecureModeFactors"
	$Results += $username, $enrolledFactors, $enrolledTime, $lastUsedTime#, $protectorUpdateNeeded, $virtualSecureModeFactors
	}
	}
	End {
	return $Results
	}
	}