Mapping users to devices using SMB sessions

December 13, 2018 in windows ‐ 1 min read

If you cannot find out which user is working on a specific device using PsExec or PsLoggedOn, this trick might help.

Go to the file server, start an administrative PowerShell session and run Get-SmbSession. This lists all currently open SMB sessions, which lets you map user accounts to IP addresses.


To filter for the IP address you are looking for, you can pipe to findstr. If I am looking for an IP that has 130 in the fourth octet, like 10.20.30.130, it would look like this.

get-smbsession | findstr .130.
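The same lookup done on the session objects instead of the formatted text, as an added example that is not part of the original post. findstr treats "." as a wildcard by default, so `.130.` also matches 130 in another octet or inside a session ID; `-like '*.130'` only matches a client address that ends in .130. The function name `Select-SmbSessionByClient` and the sample users and addresses are assumptions made up for illustration.

```powershell
function Select-SmbSessionByClient {
    [CmdletBinding()]
    param(
        # Session objects, e.g. the output of Get-SmbSession on the file server
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Session,

        # Full client address, or a wildcard pattern such as '*.130' for the last octet
        [Parameter(Mandatory)]
        [string]$ClientPattern
    )
    process {
        # -like uses wildcard matching: '.' is a literal dot here, not "any character"
        if ($Session.ClientComputerName -like $ClientPattern) {
            [pscustomobject]@{
                Client      = $Session.ClientComputerName
                User        = $Session.ClientUserName
                OpenFiles   = $Session.NumOpens
                IdleSeconds = $Session.SecondsIdle
            }
        }
    }
}

# Constructed sample sessions (hypothetical users and addresses) to try the filter offline.
# A text match on ".130." would also hit the second entry; the object filter does not.
$sample = @(
    [pscustomobject]@{ ClientComputerName = '10.20.30.130'; ClientUserName = 'CORP\alice'; NumOpens = 3; SecondsIdle = 12 }
    [pscustomobject]@{ ClientComputerName = '10.20.130.7';  ClientUserName = 'CORP\bob';   NumOpens = 1; SecondsIdle = 400 }
    [pscustomobject]@{ ClientComputerName = '10.20.30.13';  ClientUserName = 'CORP\carol'; NumOpens = 0; SecondsIdle = 30 }
)

# Returns only the 10.20.30.130 session
$sample | Select-SmbSessionByClient -ClientPattern '*.130'

# On the file server, in an elevated PowerShell session:
# Get-SmbSession | Select-SmbSessionByClient -ClientPattern '*.130'
```

When the full address is known, pass it as the pattern (for example `-ClientPattern '10.20.30.130'`) to get an exact match.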


Cheers, Ori