Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Reverse IP addresses into accounts?

Posted on 2004-10-25
14
Medium Priority
?
150 Views
Last Modified: 2010-04-14
Our internet usage monitor (Win2k server, built in logging) usually lists usage under IP addresses, not user account names. I would like either one of the following:

1. Convince W2k server that it should log usernames instead of IP addresses - probably a really simple setting I've missed
or
2. A program which, given an IP address, returns the user logged on at that address ("currently" is sufficient as our IP addresses, although dynamic, rarely change).

Thanks

Geoff M.
0
Comment
Question by:gmayo
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 4
14 Comments
 
LVL 16

Accepted Solution

by:
mdiglio earned 500 total points
ID: 12406559
Hello,
If you wanted to use number 2 this script should accomplish that.

copy and paste the code below into a notepad file and save it
with a .vbs extension

'!!!Begin Copy !!!

strcomputer = InputBox("Input IP Address","IP2User")

If Ping(strComputer) Then

        Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
        Set colItems = objWMIService.ExecQuery("Select UserName from Win32_ComputerSystem", , 48)
            For Each objitem In colItems
             struser = objitem.username
                 wscript.echo objitem.username
            Next
            'If computer is on but no one logged in
            If strUser = "" Then
                wscript.echo"Computer is at the Ctrl-Alt-Del Screen"
            End If
       Else
            wscript.echo "Copmputer is OFF"
    End If


Function Ping(strComputer)

Dim sHost       'name of Windows XP computer from which the PING command will be initiated
Dim sTarget     'name or IP address of remote computer to which connectivity will be tested
Dim cPingResults    'collection of instances of Win32_PingStatus class
Dim oPingResult     'single instance of Win32_PingStatus class

sHost = "."

Set cPingResults = GetObject("winmgmts:{impersonationLevel=impersonate}//" & _
        sHost & "/root/cimv2").ExecQuery("SELECT * FROM Win32_PingStatus " & _
        "WHERE Address = '" + strComputer + "'")

    For Each oPingResult In cPingResults
        If oPingResult.StatusCode = 0 Then
        Ping = True
          Else
        End If
     
Next
end function

'!!!!End Copy !!!

Good Luck and let us know how it goes
0
 
LVL 3

Expert Comment

by:browolf
ID: 12406803
you can also record who's logged on where in a login script.
1. create a hidden share on a server where everyone has write permission
2. in logon script do

for /f "tokens=1,2 delims=:" %%a in ('ipconfig ^| find "IP Address"') do set ip=%%b
for /f "tokens=1,2,3 delims=/" %%a in ('date /t') do set date=%%a%%b%%c
for /f "tokens=1,2 delims=:" %%a in ('time /t') do set time=%%a%%b
echo %date%-%time%-%username% >> \\server\share$\%ip%.txt

this will create a permanent record of who's logged in when for each ip address.

0
 
LVL 8

Author Comment

by:gmayo
ID: 12432731
The IP lookup works on my PC but doesn't on the server! Claims a syntax error.

I tried putting the code in the logon script, but this doesn't seem to get executed. Well, ip.txt never gets created at the location defined.

Any other ideas?
Thanks

Geoff M.
0
What’s Wrong with Your Cloud Strategy ?

Even as many CIOs are embracing a cloud-first strategy, the reality is that moving to the cloud is a lengthy process and the end-state is likely to be a blend of multiple clouds—public and private. Learn why multicloud solutions matter in this webinar by Nimble Storage.

 
LVL 3

Expert Comment

by:browolf
ID: 12432834
do you have the logon script running visibly? if you change the last line to
echo %date%-%time%-%username%-%ip%

it should show up on the screen.
when i get back to work next week, i'll have a go with that code myself in our login script.  it's the sort of thing i could do with ;-)
0
 
LVL 8

Author Comment

by:gmayo
ID: 12434372
I remember we used to get a DOS window flash up on logging in, which I assume was the login script. However, these days we don't see it. I checked my profile to make sure it was in there, which it is. I'll try putting something obvious in there, like MOREing the contents of a large text file!

Geoff M.
0
 
LVL 3

Expert Comment

by:browolf
ID: 12435416
Well you can make it run hidden with group policy which is actually how you really want it but then it's not very helpful for debugging.
0
 
LVL 3

Expert Comment

by:browolf
ID: 12462653
the problem seems to be that the ip has a space infront of it.
so set ip= 192.168.0.8    fails.

am working on a solution.
0
 
LVL 3

Expert Comment

by:browolf
ID: 12462822
got it working for me by doing:

for /f "tokens=1,2* delims=.: " %%a in ('ipconfig ^| find "IP Address"') do set ip=%%c
for /f "tokens=1,2,3* delims=/ " %%a in ('date /t') do set date=%%b%%c%%d
for /f "tokens=1,2 delims=:" %%a in ('time /t') do set time=%%a%%b
echo %date%%time%%username% >> \\server\logs$\pupil\%ip%.txt
0
 
LVL 3

Expert Comment

by:browolf
ID: 12462851
hmm it seems to echo it twice for no apparent reason
0
 
LVL 3

Expert Comment

by:browolf
ID: 12462958
what i'm going to do next, for me personally,  is write a wsh script that will read the logs files and  insert the information into a mysql database. I already have a similar system that logs and adds ip to computername lookup.
It'll be easy enought to ignore every other line

And then after that write some php that allows me to interrogate it.
0
 
LVL 8

Author Comment

by:gmayo
ID: 12484161
Any progress?

Geoff M.
0
 
LVL 3

Expert Comment

by:browolf
ID: 12484240
it was echoing twice because we had the login script defined in the group policy and the profile of the user. ie it was running twice. a legacy from NT. now i've  sorted that out it echos only once. does it work for you now?
0
 
LVL 8

Author Comment

by:gmayo
ID: 12485535
Well, no as the script doesn't seem to run at all! However, this does suggest that a more pressing problem lies elsewhere, preventing me testing your code. I'll take another look tomorrow.

Thanks

Geoff M.
0
 
LVL 3

Expert Comment

by:browolf
ID: 12485717
i'd create a test OU with a test user with a test gpo and a test login script and put the log cmds in and have a pause after it.
see if that works. if it doesnt, then there's something preventing it in the actual gpo i'd say.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
With its various features, Office 365 can not only help you with your day-to-day business tasks, it can also do wonders for your marketing campaign.
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question