• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 151
  • Last Modified:

Reverse IP addresses into accounts?

Our internet usage monitor (Win2k server, built in logging) usually lists usage under IP addresses, not user account names. I would like either one of the following:

1. Convince W2k server that it should log usernames instead of IP addresses - probably a really simple setting I've missed
or
2. A program which, given an IP address, returns the user logged on at that address ("currently" is sufficient as our IP addresses, although dynamic, rarely change).

Thanks

Geoff M.
0
gmayo
Asked:
gmayo
  • 9
  • 4
1 Solution
 
mdiglioCommented:
Hello,
If you wanted to use number 2 this script should accomplish that.

copy and paste the code below into a notepad file and save it
with a .vbs extension

'!!!Begin Copy !!!

strcomputer = InputBox("Input IP Address","IP2User")

If Ping(strComputer) Then

        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colItems = objWMIService.ExecQuery("Select UserName from Win32_ComputerSystem", , 48)
            For Each objitem In colItems
             struser = objitem.username
                 wscript.echo objitem.username
            Next
            'If computer is on but no one logged in
            If strUser = "" Then
                wscript.echo"Computer is at the Ctrl-Alt-Del Screen"
            End If
       Else
            wscript.echo "Copmputer is OFF"
    End If


Function Ping(strComputer)

Dim sHost       'name of Windows XP computer from which the PING command will be initiated
Dim sTarget     'name or IP address of remote computer to which connectivity will be tested
Dim cPingResults    'collection of instances of Win32_PingStatus class
Dim oPingResult     'single instance of Win32_PingStatus class

sHost = "."

Set cPingResults = GetObject("winmgmts:{impersonationLevel=impersonate}//" & _
        sHost & "/root/cimv2").ExecQuery("SELECT * FROM Win32_PingStatus " & _
        "WHERE Address = '" + strComputer + "'")

    For Each oPingResult In cPingResults
        If oPingResult.StatusCode = 0 Then
        Ping = True
          Else
        End If
     
Next
end function

'!!!!End Copy !!!

Good Luck and let us know how it goes
0
 
browolfCommented:
you can also record who's logged on where in a login script.
1. create a hidden share on a server where everyone has write permission
2. in logon script do

for /f "tokens=1,2 delims=:" %%a in ('ipconfig ^| find "IP Address"') do set ip=%%b
for /f "tokens=1,2,3 delims=/" %%a in ('date /t') do set date=%%a%%b%%c
for /f "tokens=1,2 delims=:" %%a in ('time /t') do set time=%%a%%b
echo %date%-%time%-%username% >> \\server\share$\%ip%.txt

this will create a permanent record of who's logged in when for each ip address.

0
 
gmayoAuthor Commented:
The IP lookup works on my PC but doesn't on the server! Claims a syntax error.

I tried putting the code in the logon script, but this doesn't seem to get executed. Well, ip.txt never gets created at the location defined.

Any other ideas?
Thanks

Geoff M.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
browolfCommented:
do you have the logon script running visibly? if you change the last line to
echo %date%-%time%-%username%-%ip%

it should show up on the screen.
when i get back to work next week, i'll have a go with that code myself in our login script.  it's the sort of thing i could do with ;-)
0
 
gmayoAuthor Commented:
I remember we used to get a DOS window flash up on logging in, which I assume was the login script. However, these days we don't see it. I checked my profile to make sure it was in there, which it is. I'll try putting something obvious in there, like MOREing the contents of a large text file!

Geoff M.
0
 
browolfCommented:
Well you can make it run hidden with group policy which is actually how you really want it but then it's not very helpful for debugging.
0
 
browolfCommented:
the problem seems to be that the ip has a space infront of it.
so set ip= 192.168.0.8    fails.

am working on a solution.
0
 
browolfCommented:
got it working for me by doing:

for /f "tokens=1,2* delims=.: " %%a in ('ipconfig ^| find "IP Address"') do set ip=%%c
for /f "tokens=1,2,3* delims=/ " %%a in ('date /t') do set date=%%b%%c%%d
for /f "tokens=1,2 delims=:" %%a in ('time /t') do set time=%%a%%b
echo %date%%time%%username% >> \\server\logs$\pupil\%ip%.txt
0
 
browolfCommented:
hmm it seems to echo it twice for no apparent reason
0
 
browolfCommented:
what i'm going to do next, for me personally,  is write a wsh script that will read the logs files and  insert the information into a mysql database. I already have a similar system that logs and adds ip to computername lookup.
It'll be easy enought to ignore every other line

And then after that write some php that allows me to interrogate it.
0
 
gmayoAuthor Commented:
Any progress?

Geoff M.
0
 
browolfCommented:
it was echoing twice because we had the login script defined in the group policy and the profile of the user. ie it was running twice. a legacy from NT. now i've  sorted that out it echos only once. does it work for you now?
0
 
gmayoAuthor Commented:
Well, no as the script doesn't seem to run at all! However, this does suggest that a more pressing problem lies elsewhere, preventing me testing your code. I'll take another look tomorrow.

Thanks

Geoff M.
0
 
browolfCommented:
i'd create a test OU with a test user with a test gpo and a test login script and put the log cmds in and have a pause after it.
see if that works. if it doesnt, then there's something preventing it in the actual gpo i'd say.
0

Featured Post

[Webinar] Improve your customer journey

A positive customer journey is important in attracting and retaining business. To improve this experience, you can use Google Maps APIs to increase checkout conversions, boost user engagement, and optimize order fulfillment. Learn how in this webinar presented by Dito.

  • 9
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now