Tech-4-Life
asked on
Domain Logon Verification
I am having a problem with concurrent logons in Windows Server 2000/2003.
First, is there a way(OEM/Third Party) to verify what users are logon to the domain.
Second, is there a way to associate the workstation to their userid.
First, is there a way(OEM/Third Party) to verify what users are logon to the domain.
Second, is there a way to associate the workstation to their userid.
To force users to logon from their workstations only go to AD Users and Computers open users properties and under Account you have a button "Log On To..." this where you specify if and from what workstation they are aloud to log on
http://www.sysinternals.com/ntw2k/freeware/psloggedon.shtml
"You can determine who is using resources on your local computer with the "net" command ("net session"), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on. Full source code is included.
PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry, so PsLoggedOn determines who is logged on by scanning the keys under the HKEY_USERS key. For each key that has a name that is a user SID (security Identifier), PsLoggedOn looks up the corresponding user name and displays it. To determine who is logged onto a computer via resource shares, PsLoggedOn uses the NetSessionEnum API. Note that LoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. "
"You can determine who is using resources on your local computer with the "net" command ("net session"), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on. Full source code is included.
PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry, so PsLoggedOn determines who is logged on by scanning the keys under the HKEY_USERS key. For each key that has a name that is a user SID (security Identifier), PsLoggedOn looks up the corresponding user name and displays it. To determine who is logged onto a computer via resource shares, PsLoggedOn uses the NetSessionEnum API. Note that LoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. "
Another option would be to utilize Windows Logon & Logoff scripts to launch a small VB app that writes the transaction to a database. Then when a user logs into a domain you would know the date\time, and workstation - and the same for logoffs. You could then do analysis on the logs to catch concurrent logins. We do this on our terminal servers to track certain groups of remote users & report on their usage of the system. If you need additional help with this, let me know!
ASKER
Talphius,
Please provide more information ico of your suggestion.
Please provide more information ico of your suggestion.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.