Domain Logon Verification

I am having a problem with concurrent logons in Windows Server 2000/2003.  

First, is there a way(OEM/Third Party) to verify what users are logon to the domain.

Second, is there a way to associate the workstation to their userid.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

To force users to logon from their workstations only go to AD Users and Computers open users properties and under Account you have a button "Log On To..." this where you specify if and from what workstation they are aloud to log on

"You can determine who is using resources on your local computer with the "net" command ("net session"), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on. Full source code is included.

PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry, so PsLoggedOn determines who is logged on by scanning the keys under the HKEY_USERS key. For each key that has a name that is a user SID (security Identifier), PsLoggedOn looks up the corresponding user name and displays it. To determine who is logged onto a computer via resource shares, PsLoggedOn uses the NetSessionEnum API. Note that LoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. "
Another option would be to utilize Windows Logon & Logoff scripts to launch a small VB app that writes the transaction to a database.  Then when a user logs into a domain you would know the date\time, and workstation - and the same for logoffs.  You could then do analysis on the logs to catch concurrent logins.  We do this on our terminal servers to track certain groups of remote users & report on their usage of the system.  If you need additional help with this, let me know!
Tech-4-LifeAuthor Commented:

Please provide more information ico of your suggestion.
My appologies for not responding sooner - I've been out of town and thought the question had been abandoned.  Here's a sample VB script of what I was talking about.  Basically it will add a row to the DB table with the Computer Name, Date\Time, and Username - you would simply run this as part of a login script.  You could track logoffs as well by changing the type from login to logoff, and running the new copy as a logoff script.  Let me know if you have any questions!


CONST DSNNAME = "LoginTracker"
Const TableName = "Logins"

Const adOpenStatic = 3
Const adLockOptimistic = 3
Const adUseClient = 3

Dim Net
Dim wshSysEnv
Dim TimeDate

Set objConnection = CreateObject("ADODB.Connection")
Set objRecordset = CreateObject("ADODB.Recordset")
Set net = CreateObject("WScript.Network")    
Set WshSysEnv = WshShell.Environment("SYSTEM")

Computername = WshSysEnv("COMPUTERNAME")
UserName = Net.UserName
TimeDate = Now

objConnection.Open "DSN=" & DSNNAME & ";"
objRecordset.CursorLocation = adUseClient
objRecordset.Open "SELECT * FROM " & TableName , objConnection, _
adOpenStatic, adLockOptimistic


objRecordset("ComputerName") = Computername
objRecordset("UserName") = UserName
objRecordset("Type") = "Login"
objRecordset("When") = TimeDate




Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.