Solved

How I Know the Domain Login & Local Login for each winXP as Admin

Posted on 2004-09-04
5
161 Views
Last Modified: 2010-04-14
Dear All,

 Is there a way to know eash PC(Win XP) whats have the NT Domain Login & Local Login as Administrator
 Ex:
We have Win2000 Server SP.4 whith  1 Domain and 1500 XP PC in our company as Administrators i can know by IPaddres The name of Win Xp pc registerd like this IP (10.3.3.17 ----> Neno as PC)  but the main Q? the NeNo pc which Domain Login he used and if it possible if i can now also the Local Login he created on Neno PC.

Thanks
0
Comment
Question by:Nemreen
  • 3
  • 2
5 Comments
 

Author Comment

by:Nemreen
ID: 11983641
Still there no answer ? its clear
0
 
LVL 6

Expert Comment

by:Scott_Willcocks
ID: 11988097
to find out what local account he used on his machine

right mouse click >my computer and select manage from your machine

 In the management console right mouse click computer management local and select connect to another computer
type in the network name formthe pc in question Neno this connect to his management console.

go to the local users and groups and check users to see iwhat locally held user accounts are on this machine delete the ones you don't want him to have.

Or rename if you like.

then goto groups and enter the administrator group and remove any usernames that you don't want to have local administrator rights on the local machine.

to go through the security log

goto the event viewer and if you are the domain admin goto the security tab this lists everyone who has logged onto that pc also any failed attempts browse through there and you should get an idea of whose logging onto the rogue PC
0
 

Author Comment

by:Nemreen
ID: 12033354
Thanx Man now i can know for eash machine the local account.

 ok but how i know the domain login like Neno PC the user he logine by Nazx01@xxx.com.ca to the domain? (How I Know the Domain Login fo each PC )
0
 
LVL 6

Accepted Solution

by:
Scott_Willcocks earned 30 total points
ID: 12041927
like I said log onto th the remote management goto event viewer of the PC and check the security tab this lists all the login attempts on that pc

you can right mouse click on the security tab and goto properties and set the event viewer to only log information you want. in this case successful audits also leave the failed on as if the user gets there logon attempt wrong it logs it there as well.

heres dos

@ECHO.
@ECHO The user logged in is: %USERNAME%
@ECHO.

put in a batch and >> to text

vbscript

Dim strUserName
Set wshShell = WScript.CreateObject("WScript.Shell")
strUserName = WshShell.ExpandEnvironmentStrings("%USERNAME%")
WScript.Echo ("The user logged in is: " & vbCrlf & strUserName


or better if w2k or xp WMI

Dim strUserName
Set WshNetwork = WScript.CreateObject("WScript.Network")
strUserName = WshNetwork.UserName
WScript.Echo ("The user logged in is: " & vbCrlf & strUserName

the last two you need to be logged on as the user if you have logon scripts you can change thw wscript.echo and get it to pass it to a text file then just set up a machine poilicy and attach the script to it.

0
 

Author Comment

by:Nemreen
ID: 12042189
Ok Thans again its very clear :)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
While it may be true that the internet is a place of possibilities, it is also a hostile environment lurking with many dangers. By clicking on the wrong link, trusting the wrong person or using a weak password, you are virtually inviting hackers to …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

713 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question