Solved

Capture login id and computer name information

Posted on 2004-03-26
15
701 Views
Last Modified: 2010-04-13
Hi, We'd like to capture login id and computer name information so that whenever a person logins in to the pc it logs it to a file. We need to capture the computername too because we want to do this on Win2k Terminal Servies. Thanks
0
Comment
Question by:stevensc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
  • 2
  • +3
15 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 10690347
Add this to the login script, or place it as a batch file in the users startup directory


::Begin

date/t>>filename.txt
echo %computername%>>filename.txt
echo %username%>>filename.txt

::End

you can change the path to filename.txt to server share to hold the info centrally :)
0
 
LVL 31

Expert Comment

by:Gareth Gudger
ID: 10690364
You can also track successful and failed logins through the group policy which would log the time/date in Event Viewer.
0
 
LVL 86

Accepted Solution

by:
jkr earned 500 total points
ID: 10690376
Why don't you turn on auditing for logon events? See e.g. http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/monitor/logevnts.mspx ("Audit Account Logon Events") and http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/monitor/logonoff.mspx ("Tracking Logon and Logoff Activity in Windows 2000")
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10690957
More insight on auditing account logons..::

http://www.winnetmag.com/Article/ArticleID/21295/Windows_21295.html

To start auditing account logon events, you can either enable auditing for this category in Default Domain Controllers Policy or switch the policy to not defined, in which case Default Domain Policy will be the only GPO specifying an audit policy.

The difference between Audit logon events and Audit account logon events is where Win2K tracks and records the logon events. Audit logon events tracks and records events at the workstation, whereas Audit account logon events tracks and records events centrally at your DC. (Audit account logon events also shows the low-level Kerberos logon details.) For more information, see my Windows 2000 Magazine article "Audit Account Logon Events" (March 2001).

FE
0
 
LVL 6

Expert Comment

by:Greenclock
ID: 10692360
Stevensc

Take what "PeteLong" suggested and add the extra line to give you the name of the machine that was used to connect to the Terminal Server.   Variable is %ClientName% You will need to setup a filearea that is Read/Write so that the log can be generated.

echo %ClientName% >> Filename.txt


::Begin

date/t>>filename.txt
echo %computername%>>filename.txt
echo %ClientName% >> Filename.txt              <------ Extra Line
echo %username%>>filename.txt

::End



GC
0
 
LVL 14

Expert Comment

by:spiderfix
ID: 10693153
This gives you...

computer name - logon name - date - time - ip

--------------------------  cut  --------------------------
@echo off
for /F "tokens=2 delims=:" %%K in ('ipconfig ^| find /I "IP Address"') do set IPADD=%%K
echo %computername% - %username% - %date% %time% %ipadd% >>"C:\userlogs.txt"
@cls
--------------------------  cut  --------------------------
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10693920
Morning spiderfix, why dont my scripts ever look as pretty as yours :(

Pete
0
 
LVL 14

Expert Comment

by:spiderfix
ID: 10693949
Ha! Pete :)

Either because I'm obsessive compulsive or I don't trust
users [at all] so scripts and group policy keep me sane.

They didn't look like that in 2000...users took me there ;)

0
 
LVL 57

Expert Comment

by:Pete Long
ID: 10693953
:)
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11493970
Split
0
 
LVL 86

Expert Comment

by:jkr
ID: 11494032
Hmm, Id say that  http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/monitor/logonoff.mspx ("Tracking Logon and Logoff Activity in Windows 2000") hits the nail *right* on the head...
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11494148
agree, assuming steven had a domain of course.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question