Solved

Domain Logon Verification

Posted on 2004-10-27
338 Views
Last Modified: 2010-04-19
I am having a problem with concurrent logons in Windows Server 2000/2003.  

First, is there a way(OEM/Third Party) to verify what users are logon to the domain.

Second, is there a way to associate the workstation to their userid.
0
Question by:Tech-4-Life
    5 Comments
     
    LVL 7

    Expert Comment

    by:corneliup
    To force users to logon from their workstations only go to AD Users and Computers open users properties and under Account you have a button "Log On To..." this where you specify if and from what workstation they are aloud to log on
    0
     
    LVL 7

    Expert Comment

    by:corneliup
    http://www.sysinternals.com/ntw2k/freeware/psloggedon.shtml

    "You can determine who is using resources on your local computer with the "net" command ("net session"), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on. Full source code is included.

    PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry, so PsLoggedOn determines who is logged on by scanning the keys under the HKEY_USERS key. For each key that has a name that is a user SID (security Identifier), PsLoggedOn looks up the corresponding user name and displays it. To determine who is logged onto a computer via resource shares, PsLoggedOn uses the NetSessionEnum API. Note that LoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. "
    0
     
    LVL 5

    Expert Comment

    by:talphius
    Another option would be to utilize Windows Logon & Logoff scripts to launch a small VB app that writes the transaction to a database.  Then when a user logs into a domain you would know the date\time, and workstation - and the same for logoffs.  You could then do analysis on the logs to catch concurrent logins.  We do this on our terminal servers to track certain groups of remote users & report on their usage of the system.  If you need additional help with this, let me know!
    0
     

    Author Comment

    by:Tech-4-Life
    Talphius,

    Please provide more information ico of your suggestion.
    0
     
    LVL 5

    Accepted Solution

    by:
    My appologies for not responding sooner - I've been out of town and thought the question had been abandoned.  Here's a sample VB script of what I was talking about.  Basically it will add a row to the DB table with the Computer Name, Date\Time, and Username - you would simply run this as part of a login script.  You could track logoffs as well by changing the type from login to logoff, and running the new copy as a logoff script.  Let me know if you have any questions!

    -------------

    CONST DSNNAME = "LoginTracker"
    Const TableName = "Logins"

    Const adOpenStatic = 3
    Const adLockOptimistic = 3
    Const adUseClient = 3

    Dim Net
    Dim wshSysEnv
    Dim TimeDate

    Set objConnection = CreateObject("ADODB.Connection")
    Set objRecordset = CreateObject("ADODB.Recordset")
    Set net = CreateObject("WScript.Network")    
    Set WshSysEnv = WshShell.Environment("SYSTEM")

    Computername = WshSysEnv("COMPUTERNAME")
    UserName = Net.UserName
    TimeDate = Now

    objConnection.Open "DSN=" & DSNNAME & ";"
    objRecordset.CursorLocation = adUseClient
    objRecordset.Open "SELECT * FROM " & TableName , objConnection, _
    adOpenStatic, adLockOptimistic

    objRecordset.AddNew

    objRecordset("ComputerName") = Computername
    objRecordset("UserName") = UserName
    objRecordset("Type") = "Login"
    objRecordset("When") = TimeDate

    objRecordset.Update

    objRecordset.Close
    objConnection.Close


    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Cisco Complete Network Certification Training

    If you’re an IT engineer or technician, it's time you take your career to the next level. This elite training bundle is brimming with all of the information you need to learn to sit for Cisco CNNA, CCNP, and CCENT certification exams.

    by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
    Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
    This video Micro Tutorial is the second in a two-part series that shows how to create and use custom scanning profiles in Nuance's PaperPort 14.5 (http://www.experts-exchange.com/articles/17490/). But the ability to create custom scanning profiles a…
    how to add IIS SMTP to handle application/Scanner relays into office 365.

    856 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now