Solved

How can I log IP address of failed remote logons?

Posted on 2006-11-07
2
179 Views
Last Modified: 2010-04-11
I have denied access to a user (disabled account). I am still seeing remote logon failures for this account in event log. I would like to ability to log the originating IP address of these remote logons in case we need to take this farther. How can I do this?
0
Comment
Question by:FIFBA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 17890920
A little more info please. Is this to a specific (intranet) application, to a VPN, to fileshares, terminal servers, client PC etc ...
Also: what is the architecture: firewall, operating systems, etc ... would be helpfull.

J.
0
 
LVL 5

Accepted Solution

by:
darrenakin earned 250 total points
ID: 17891049
Go to your Event Log and look at the failed attempts, it will have the IP listed here
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question