Domain Logon Verification

I am having a problem with concurrent logons in Windows Server 2000/2003.  

First, is there a way(OEM/Third Party) to verify what users are logon to the domain.

Second, is there a way to associate the workstation to their userid.
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

talphiusConnect With a Mentor Commented:
My appologies for not responding sooner - I've been out of town and thought the question had been abandoned.  Here's a sample VB script of what I was talking about.  Basically it will add a row to the DB table with the Computer Name, Date\Time, and Username - you would simply run this as part of a login script.  You could track logoffs as well by changing the type from login to logoff, and running the new copy as a logoff script.  Let me know if you have any questions!


CONST DSNNAME = "LoginTracker"
Const TableName = "Logins"

Const adOpenStatic = 3
Const adLockOptimistic = 3
Const adUseClient = 3

Dim Net
Dim wshSysEnv
Dim TimeDate

Set objConnection = CreateObject("ADODB.Connection")
Set objRecordset = CreateObject("ADODB.Recordset")
Set net = CreateObject("WScript.Network")    
Set WshSysEnv = WshShell.Environment("SYSTEM")

Computername = WshSysEnv("COMPUTERNAME")
UserName = Net.UserName
TimeDate = Now

objConnection.Open "DSN=" & DSNNAME & ";"
objRecordset.CursorLocation = adUseClient
objRecordset.Open "SELECT * FROM " & TableName , objConnection, _
adOpenStatic, adLockOptimistic


objRecordset("ComputerName") = Computername
objRecordset("UserName") = UserName
objRecordset("Type") = "Login"
objRecordset("When") = TimeDate



To force users to logon from their workstations only go to AD Users and Computers open users properties and under Account you have a button "Log On To..." this where you specify if and from what workstation they are aloud to log on

"You can determine who is using resources on your local computer with the "net" command ("net session"), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on. Full source code is included.

PsLoggedOn's definition of a locally logged on user is one that has their profile loaded into the Registry, so PsLoggedOn determines who is logged on by scanning the keys under the HKEY_USERS key. For each key that has a name that is a user SID (security Identifier), PsLoggedOn looks up the corresponding user name and displays it. To determine who is logged onto a computer via resource shares, PsLoggedOn uses the NetSessionEnum API. Note that LoggedOn will show you as logged on via resource share to remote computers that you query because a logon is required for PsLoggedOn to access the Registry of a remote system. "
Another option would be to utilize Windows Logon & Logoff scripts to launch a small VB app that writes the transaction to a database.  Then when a user logs into a domain you would know the date\time, and workstation - and the same for logoffs.  You could then do analysis on the logs to catch concurrent logins.  We do this on our terminal servers to track certain groups of remote users & report on their usage of the system.  If you need additional help with this, let me know!
Tech-4-LifeAuthor Commented:

Please provide more information ico of your suggestion.
All Courses

From novice to tech pro — start learning today.