Active Directory tool to determine where a user is logged on

Posted on 2003-02-24
Medium Priority
Last Modified: 2013-12-04
Good morining all.  We are having a Win2K Active Directory seemingly random account lockout problem. In most cases we have traced the culprit to the user being locally logged onto multiple workstations or servers at the same time.

Question:  Does anyone know of a built in active directory utility or command line tool that will enable us to enter a user ID and return every workstation or server the user is logged onto in the domain??

Thanks in advance!!
Question by:JrAdmin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 13

Expert Comment

ID: 8016111
The only tool that I've ever seen do this is goverLAN from PJ Teshnologies, www.goverlan.com.  Not to say that other utilities don't, but goverLAN will work.  There is a demo version that should get you out of your predicament.

Accepted Solution

srachui earned 200 total points
ID: 8033035
One way you could get some information is to populate the 'managedBy' field of all your workstations, which would create a linked attributed to your 'managedObjects' attribute on users.  Then, you could search your user object in ADSIEdit and look up the 'managedObjects' attribute to see which workstations he is managing (I'd recommend a startup script on workstations to populate this attribute).  This isn't perfect, but if he's managing more than one workstation, it's a start.

Also, you need to look for the 644 Event on a Domain Controller in the Security Log, which will tell you specifically which workstation caused the lockout of the account.  It's sort of hard to locate if you don't have a script helping you know the exact DC and time of the lockout (thus the need for a program), but if you don't have one, you can filter your DCs and just look for Event ID 644.  Reading through those and looking for the user account that's been locked out, you can see which workstation the lockout is being generated on.

Author Comment

ID: 8036660
srachui it's not really what I wanted to hear, but your answer does confirm that there is not one nice command or Active Directory utility that I could punch the user id into.  I don't really want to have to install a client on every machine.  Right now we check the log files on the DCs to find out where an individual is logged on.  i was hoping for an easier way.  Oh well...thanks!

Featured Post

New benefit for Premium Members - Upgrade now!

Ready to get started with anonymous questions today? It's easy! Learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question