Solved

Ldap/ADSI|Script/Query to find out last logged on computer

Posted on 2006-07-10
7
572 Views
Last Modified: 2012-06-27
Hi there,
I'm a systems administrator and my company has various sites across UK. Sometimes users have to travel between sites and often save their data on the C drive of the desktop. All sites are under on domain. I'm fairly new to this but is there is a way I can find out what computer a particular user logged on on a particular day. I mean is there any way we can query Active Direcory to find this out. ? I need to know the computer name the user logged on to .

regards,
Gaurang
0
Comment
Question by:gtrivedi
  • 3
  • 2
  • 2
7 Comments
 
LVL 9

Expert Comment

by:Krompton
ID: 17072555
Gaurang,

The user's last logon time can be stored in AD (See an article here: http://www.petri.co.il/view_additional_user_information_in_aduc.htm). I am not a 100% sure but think you can extract the last time a particular machine accessed the networkas well, but I don't believe the the two are connected in any way within AD. Also, only the last log entry is stored unless you have setup Auditing Policies to track it. (IMO) The best way to track what you want is to incorporate you own logging into a logon script. You can control where and what information is tracked. If you would like help putting together a script let me know and I'll see what I can put together for you.

Cheers,
Krompton
0
 

Author Comment

by:gtrivedi
ID: 17072825
Hi Krompton,

Thats what I thought. The login script can come handy. Now where will you put the login script ? (So that I can track which user logged on to which computer)
The idea is that I have the NT username and want to find the last logged on computer. If you can give me a script that would be wonderful.

Gaurang
0
 
LVL 9

Accepted Solution

by:
Krompton earned 500 total points
ID: 17073718
Gaurang,

Below is an example. Save it as a .vbs file to your NetLogon directory. I would then assign it as a logon script in a new or existing GPO after testing.

Good Luck,
Krompton


'**********************************
Option Explicit
On Error Resume Next
Dim WshNetwork, WshShell, LogFile, oFS, strCPUName, strUserName, objFileSystem, objOutputFile

Const Read = 1
Const Write = 2
Const Append = 8

Set WshShell = WScript.CreateObject("WScript.Shell")
Set oFS = WScript.CreateObject("Scripting.FileSystemObject")

LogFile = "\\Server\Share\Test.log" 'Input your info


Set WshNetwork = WScript.CreateObject("WScript.Network")
strCPUName = WshNetwork.ComputerName
strUserName = ""
'Make sure username loaded
While strUserName = ""
WScript.Sleep 100
strUserName = WshNetwork.UserName
Wend

'Open your log, enter info and close file
OpenFile LogFile, Write'Append
objOutputFile.WriteLine strUserName & " " & "logged on at: (" & Now & ") from: (" & strCPUName & ")"
objOutputFile.Close

WScript.Quit


'Open a file
Public Function OpenFile(FileToOpen, AccessType)'
      set objFileSystem = CreateObject("Scripting.FileSystemObject")
      set objOutputFile = objFileSystem.OpenTextFile(FileToOpen, AccessType, True)
End Function
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 13

Expert Comment

by:haim96
ID: 17074524
i would use simpler batch file :

********************
echo ************ >>\\server\share$\log.txt
echo %username% >>\\server\share$\log.txt
echo %computername% >>\\server\share$\log.txt
echo %time% >>\\server\share$\log.txt
echo %date% >>\\server\share$\log.txt
echo ************ >> \\server\share$\log.txt

********************
put the lines in common login script and replace \\server\share$
with your server name and share that you will create (don't forget write access to everyone)
0
 

Author Comment

by:gtrivedi
ID: 17079631
Thanks Krompton and Haim96. Both script works fine. And I can search for the username and and find the computer name used by the user last. Great stuff!
0
 
LVL 9

Expert Comment

by:Krompton
ID: 17080566
haim96,

Good Batch file and you can do quite a bit with them. Scripting does have much more versitility though and I encourage anyone to learn a scripting language when they administrate a network (VB, Java, Kix or whatever) but as your example shows you don't want to ignore the batch file either.

Gaurang,

As I mentioned, I highly encourage network admins to learn scripting especially VB when you are running a windows AD network. Haim96 does make a good point though that some things are simpler with batch files; I myself have quite a store of them and have no intention of getting rid of them until they no longer function on the prevailing OS of the time. Of course I've been using them since DOS3.0 days in the 80's so who knows when they'll become obsolete. :) And thanks for the points.

Cheers all,
Krompton
0
 
LVL 13

Expert Comment

by:haim96
ID: 17082416
thanks gtrivedi and Krompton   :)
i know how to script VBS and WMI too but if we can keep it simple so whay not ?

cheers
haim
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction How to create multiboot configuration with XP\Vista and Windows 7 on it? And most important question - how to do this correctly so not to have any kind of nightmares we get when system gets screwed? First of all one should realize t…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now