Link to home
Create AccountLog in
Avatar of xttremegee
xttremegee

asked on

How to find out logged in users

Hey experts, i know there is probably a simple answer for this.  I'm trying to find out how i can view the users info that are logged on to a win2k3 domain.  I can view logins for file or resource accesses, but i want to be able to see the loged in users and maybe their MAC addresses.
Avatar of anhtai
anhtai

Hi xttremegee,

Check the DHCP server for their MAC address

Cheers!
ASKER CERTIFIED SOLUTION
Avatar of Steve Agnew
Steve Agnew
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
to find out who is logged in type

NET SESSION at the dos prompt which will list all those who are currently logged in

by using the computer management console under admin tools, then clicking on system tools, shared folders, session brings up who is currently using the shares on the server.

I dont think either are exactly what you need but may provide some information.

regards chris
Actually that isn't true.. it will only tell you who has active connections, windows drops the connection after a short period of time and doesn't maintain them.  To see this map a network drive or open my computer after about 10 minutes you will see red X's on them because windows disconnects.. it only activates it upon demand this is to lower what the server has to keep up and for perfomance issues..
A utility called USRSTAT.EXE is shipped with the NT Server  Resource Kit, and this utility supplies information on all members of a given domain, including time/date of last login
usrstat <domain>
e.g. usrstat savilltech

Ref & more info:
http://www.windowsitpro.com/Article/ArticleID/15063/15063.html

Good luck.

Naser
Avatar of xttremegee

ASKER

Hey guys, thanks for the info, if i had weighted this more i'd split the points.  I only selected DeadNight 's answer 'cause it's pretty detailed and it actually has the original solution i was thinking of using(dumping logged in time\user\machine to text file).....

Thanks alot guys!!
Using Group Policy logon/logoff scripts we have a vbscript that sets CustomAttribute1 to 1 on logon and 0 on logoff and then the Query-Based Distribution group checks AD for all the 1's and sends the email to those people. The only issue we've found seems to be around password expiry time. If a user's password expires or sometimes even when they do change it in time, the script fails with an error saying "Table does not exist". I'm fairly sure this is because the script is denied access to read from/write to active directory because their password or other security doesn't match up. To fix it we either reset their password and then run the script manually or sometimes we don't have to because the next time they launch Outlook, they are prompted for their password and given the option to save the updated password. The next time they logon it works OK. Anyway, here are the scripts in case anyone wants to use them. There might be better ways to code it but it works.

Logon:

dim oshell
dim UserString
dim objUser

set oshell = wscript.createobject("wscript.shell")
UserString = oshell.expandenvironmentstrings("%username%")
UserDN = SearchDistinguishedName(UserString)

Set objUser = GetObject("LDAP://" & UserDN)

objUser.Put "extensionAttribute1", "1"
objUser.SetInfo

Public Function SearchDistinguishedName(ByVal vSAN)
    Dim oRootDSE, oConnection, oCommand, oRecordSet

    Set oRootDSE = GetObject("LDAP://rootDSE")
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Open "Provider=ADsDSOObject;"
    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & _
        ">;(&(objectCategory=User)(samAccountName=" & vSAN & "));distinguishedName;subtree"
    Set oRecordSet = oCommand.Execute
    On Error Resume Next
    SearchDistinguishedName = oRecordSet.Fields("DistinguishedName")
    On Error GoTo 0
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing
    Set oRootDSE = Nothing
End Function

Set oshell = Nothing
Set objUser = Nothing
===================================================
Logoff:

dim oshell
dim UserString
dim objUser

set oshell = wscript.createobject("wscript.shell")
UserString = oshell.expandenvironmentstrings("%username%")
UserDN = SearchDistinguishedName(UserString)

Set objUser = GetObject("LDAP://" & UserDN)

objUser.Put "extensionAttribute1", "0"
objUser.SetInfo

Public Function SearchDistinguishedName(ByVal vSAN)
    Dim oRootDSE, oConnection, oCommand, oRecordSet

    Set oRootDSE = GetObject("LDAP://rootDSE")
    Set oConnection = CreateObject("ADODB.Connection")
    oConnection.Open "Provider=ADsDSOObject;"
    Set oCommand = CreateObject("ADODB.Command")
    oCommand.ActiveConnection = oConnection
    oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & _
        ">;(&(objectCategory=User)(samAccountName=" & vSAN & "));distinguishedName;subtree"
    Set oRecordSet = oCommand.Execute
    On Error Resume Next
    SearchDistinguishedName = oRecordSet.Fields("DistinguishedName")
    On Error GoTo 0
    oConnection.Close
    Set oRecordSet = Nothing
    Set oCommand = Nothing
    Set oConnection = Nothing
    Set oRootDSE = Nothing
End Function

Set oshell = Nothing
Set objUser = Nothing

Hope somebody can make use of it.

Cheers,

Pat Mckeon
IT Support Consultant Extraordinaire
Audley Travel Group