mustaki
asked on
audit users at specific time
is there a way on windows nt to audit the following :
1 all users that are logging into the domain after a specific hour.
2 all the users that are already logged into the domain after a specific hour
any ideas ??
1 all users that are logging into the domain after a specific hour.
2 all the users that are already logged into the domain after a specific hour
any ideas ??
ASKER
i think you didnt answer my question
thanks anyway.
all i want is a list of users which are logged into the network
after a specific hour ( or logged before and not logging off in a specific hour )
thanks anyway.
all i want is a list of users which are logged into the network
after a specific hour ( or logged before and not logging off in a specific hour )
OK, do you need this live, or after the fact.
For after the fact, turn on auditing and then export the event log and process it to pull the names based on logon, logoff hours.
For live, see
Net view yes to view users and computers logged in.
for other options see:
uditing and utility tools
http://www.sysinternals.com/
http://www.sysinternals.com/ntw2k/freeware/ntfsdospro.shtml NTFS for DOS
http://www.systemtools.com/
http://www.winternals.com
www.bhs.com
http://www.bhs.com/soft_index.asp
http://www.sunbelt-software.com/search_category.cfm
www.optimumx.com
A lot of the tools are free.
I hope this helps !
For after the fact, turn on auditing and then export the event log and process it to pull the names based on logon, logoff hours.
For live, see
Net view yes to view users and computers logged in.
for other options see:
uditing and utility tools
http://www.sysinternals.com/
http://www.sysinternals.com/ntw2k/freeware/ntfsdospro.shtml NTFS for DOS
http://www.systemtools.com/
http://www.winternals.com
www.bhs.com
http://www.bhs.com/soft_index.asp
http://www.sunbelt-software.com/search_category.cfm
www.optimumx.com
A lot of the tools are free.
I hope this helps !
Sprcifically :
From work, http://www.optimumx.com/ Command line utilities
Network Users v1.20 (NetUsers.exe) Last Updated: 11/11/2000
Displays a current or historical list of users logged on to a specified Windows NT/2000 system. Use 'NetUsers /?' to view the syntax.
Operating Systems Supported: Windows XP Windows 2000 Windows NT
Download: NetUsers_1.20.zip
From work, http://www.optimumx.com/ Command line utilities
Network Users v1.20 (NetUsers.exe) Last Updated: 11/11/2000
Displays a current or historical list of users logged on to a specified Windows NT/2000 system. Use 'NetUsers /?' to view the syntax.
Operating Systems Supported: Windows XP Windows 2000 Windows NT
Download: NetUsers_1.20.zip
I think that it depends on how formally you want to persue this process, how large the network and how often you need to do this.
If each PC on the network has file sharing turned on, then they are either available in 'Network Neighborhood' or they aren't.
If a user is logged into a domain, and if logins are being logged, then any active user is going to leave tracks on the NT security log. Enteries are logged for all sorts of things that the normal user wouldn't be aware of.
Finally, if there is a network share that all the PCs are connected to, under Administrative Programs, System Manager (I think) you can see everyone that is connected to any share at that moment in time (or for that matter, any one with any files open read or write).
Unless you are looking for something specific, if you study the NT Security logs (and if you have NT set up to log the security events) I think you will find your information there.
Harry
If each PC on the network has file sharing turned on, then they are either available in 'Network Neighborhood' or they aren't.
If a user is logged into a domain, and if logins are being logged, then any active user is going to leave tracks on the NT security log. Enteries are logged for all sorts of things that the normal user wouldn't be aware of.
Finally, if there is a network share that all the PCs are connected to, under Administrative Programs, System Manager (I think) you can see everyone that is connected to any share at that moment in time (or for that matter, any one with any files open read or write).
Unless you are looking for something specific, if you study the NT Security logs (and if you have NT set up to log the security events) I think you will find your information there.
Harry
Do you have only NT domain or it is combined with novell or unix ??
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
see :
To send keyboard input to a running programm you could use scriptit, this utility waits for particular
windows to appear and then sends predefined key press sequences. For more information take a look at
http://www.microsoft.com/ntserver/techresources/deployment/NTserver/scriptit3.asp
Tommy
From: sgriffin Date: 11/27/2001 06:06AM PST
www.winbatch.com
i use this, works exactly like Tommylisters recommendation , is also a Windows INterface Language compiler
.... im not selling this , i just use it and it works :-)
----
Rebol scripting language (www.rebol.com) lightweight cross-platform scripting language. Automate anything you want on your system.
---
http://www.macros.com/ Macro Express Only $39.95 30 day trial
http://www.hiddensoft.com/AutoIt/
http://www.smartcode.com/products/shortk/shortk.htm Shortcut keyboard macros
Check
download.com
shareware.com
zdnet.com
http://www.tucows.com/system/macros95.html
http://www.nonags.com/
http://www.freewarearena.com/
http://www.hotfiles.com/
http://www.utilitygeek.com
http://www.softpile.com/
http://www.kt2k.com/download.php
http://www.bluechillies.com/browse/W/E/H/
http://download.cnet.com/downloads/0-10016-101-7241521.html?tag=st.dl.10016-100-7241521-7241521.dln.10016-110-7241521
602Pro PC Suite 2001 Free Office sute replaces Word Excel
http://members.hyperlink.net.au/~chart/links.htm
From: mor4eus Date: 07/11/2001 07:58PM PST
There is no command line utility for NTbackup to erase a tape. There is a way I know of and that is to use a utility called DOS2WIN found here.
http://content.techweb.com/winmag/columns/powertools/default.htm
It allows you to program keystrokes into a dos program which you can run. Etc.. File, Erase.
----
http://www.hiddensoft.com/AutoIt/ No auto-record - uses scripts
http://www.zdnet.com/downloads/stories/info/0,,000C94,.html
http://hotfiles.zdnet.com/cgi-bin/texis/swlib/hotfiles/info.html?fcode=000VPA
http://download.cnet.com/downloads/0-10106-100-1572888.html?tag=st.dl.10001_103_1.lst.td
http://download.cnet.com/downloads/0-10101-100-907068.html?tag=st.dl.10001_103_3.lst.td
http://www.mkssoftware.com/eval/. unix like automation and script tools
-------------------------
http://www.zdnet.com/downloads/stories/info/0,,77503,.html
From: dbrunton Date: 04/09/2001 02:58AM PST
Yes, it is possible. Do a search for WinCmd which is a script language for Windows from Ziff Davis.
Here is an example script.
"rundll32.exe shell32.dll,Control_RunDLL
delay (2000)
sendkeys ("{tab}")
delay (2000)
sendkeys ("%p")
sendkeys ("%s")
sendkeys ("%h")
sendkeys ("192.168.1.1")
sendkeys ("{tab}")
sendkeys (80)
sendkeys ("%c")
sendkeys ("192.168.1.1")
sendkeys ("{tab}")
sendkeys (80)
sendkeys ("{enter}")
sendkeys ("%a")
sendkeys ("{enter}")
Note that in this script where there is a delay indicated tht the CTRL key had to be held down to make
the script language work. This script was called from a batch file.
wincmd inet.wcm
exit
-------------
I hope this helps !