Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Domain Logon Verification

Posted on 2004-10-27
Medium Priority
Last Modified: 2010-04-19
I am having a problem with concurrent logons in Windows Server 2000/2003.  

First, is there a way(OEM/Third Party) to verify what users are logon to the domain.

Second, is there a way to associate the workstation to their userid.
Question by:Tech-4-Life
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2

Expert Comment

ID: 12423134
To force users to logon from their workstations only go to AD Users and Computers open users properties and under Account you have a button "Log On To..." this where you specify if and from what workstation they are aloud to log on

Expert Comment

ID: 12423203

"You can determine who is using resources on your local computer with the "net" command ("net session"), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on. Full source code is included.

PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry, so PsLoggedOn determines who is logged on by scanning the keys under the HKEY_USERS key. For each key that has a name that is a user SID (security Identifier), PsLoggedOn looks up the corresponding user name and displays it. To determine who is logged onto a computer via resource shares, PsLoggedOn uses the NetSessionEnum API. Note that LoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. "

Expert Comment

ID: 12423351
Another option would be to utilize Windows Logon & Logoff scripts to launch a small VB app that writes the transaction to a database.  Then when a user logs into a domain you would know the date\time, and workstation - and the same for logoffs.  You could then do analysis on the logs to catch concurrent logins.  We do this on our terminal servers to track certain groups of remote users & report on their usage of the system.  If you need additional help with this, let me know!

Author Comment

ID: 12540430

Please provide more information ico of your suggestion.

Accepted Solution

talphius earned 1000 total points
ID: 12594920
My appologies for not responding sooner - I've been out of town and thought the question had been abandoned.  Here's a sample VB script of what I was talking about.  Basically it will add a row to the DB table with the Computer Name, Date\Time, and Username - you would simply run this as part of a login script.  You could track logoffs as well by changing the type from login to logoff, and running the new copy as a logoff script.  Let me know if you have any questions!


CONST DSNNAME = "LoginTracker"
Const TableName = "Logins"

Const adOpenStatic = 3
Const adLockOptimistic = 3
Const adUseClient = 3

Dim Net
Dim wshSysEnv
Dim TimeDate

Set objConnection = CreateObject("ADODB.Connection")
Set objRecordset = CreateObject("ADODB.Recordset")
Set net = CreateObject("WScript.Network")    
Set WshSysEnv = WshShell.Environment("SYSTEM")

Computername = WshSysEnv("COMPUTERNAME")
UserName = Net.UserName
TimeDate = Now

objConnection.Open "DSN=" & DSNNAME & ";"
objRecordset.CursorLocation = adUseClient
objRecordset.Open "SELECT * FROM " & TableName , objConnection, _
adOpenStatic, adLockOptimistic


objRecordset("ComputerName") = Computername
objRecordset("UserName") = UserName
objRecordset("Type") = "Login"
objRecordset("When") = TimeDate




Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question