Link to home
Create AccountLog in
Avatar of avatech
avatechFlag for United States of America

asked on

RDP Sessions Source IP

Is there a way to audit incoming IP addresses to RDP services on Windows Server 2000 and Windows Server 2003 application servers?  I have enabled policy that logs each successful RDP connection and account used to logon but the event does not give the source IP or computer name from where the connection originated.
SOLUTION
Avatar of CDCOP
CDCOP

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
This capability isn't built in - one approach would be to run a login script at the server that logs the client IP address to a file.  I haven't found a mechanism yet to get that information from the command line, I will report back if I find it though.
Avatar of avatech

ASKER

Sounds like a great workable solution from the both of you.  I've been battling Google trying to phrase correctly how to do this.  I keep getting thousands of pages that want to tell me about RDP services and how to check my home IP to get to it.  rather frustrating.  I'm not a scripter so anything you can turn up that would be able to create such a file log would be perfect.
ASKER CERTIFIED SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
SOLUTION
Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
Avatar of avatech

ASKER

Perfect answers.  I am going to use the following it seems to work well so far as a logon script and completed a single line for each logon with a date/time stamp


echo %clientname% %date% %time% >> c:\rdplog.txt


Thanks for your input hope that this will help someone else down the line and save them from some frustrations =)
Note that IPConfig is going to record the IP information for the terminal server and not the client ip.