• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1003
  • Last Modified:

RDP Sessions Source IP

Is there a way to audit incoming IP addresses to RDP services on Windows Server 2000 and Windows Server 2003 application servers?  I have enabled policy that logs each successful RDP connection and account used to logon but the event does not give the source IP or computer name from where the connection originated.
0
avatech
Asked:
avatech
  • 3
  • 2
  • 2
3 Solutions
 
CDCOPCommented:
I am not sure about the policy aspect, but you can run a login script that saves the info to a text file or DB if you know how to use recordsets.
0
 
smilerzCommented:
This capability isn't built in - one approach would be to run a login script at the server that logs the client IP address to a file.  I haven't found a mechanism yet to get that information from the command line, I will report back if I find it though.
0
 
avatechAuthor Commented:
Sounds like a great workable solution from the both of you.  I've been battling Google trying to phrase correctly how to do this.  I keep getting thousands of pages that want to tell me about RDP services and how to check my home IP to get to it.  rather frustrating.  I'm not a scripter so anything you can turn up that would be able to create such a file log would be perfect.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
smilerzCommented:
Can you live with the clientname?

If so you can do something like

echo %clientname% >> c:\RDPLog.txt
0
 
CDCOPCommented:
ECHO --------------------------START------------------------- >> c:\Log.txt
ECHO %DATE% >> c:\Log.txt
ECHO %TIME% >> c:\Log.txt
IPCONFIG >> c:\Log.txt
ECHO ---------------------------END-------------------------- >> c:\Log.txt
0
 
avatechAuthor Commented:
Perfect answers.  I am going to use the following it seems to work well so far as a logon script and completed a single line for each logon with a date/time stamp


echo %clientname% %date% %time% >> c:\rdplog.txt


Thanks for your input hope that this will help someone else down the line and save them from some frustrations =)
0
 
smilerzCommented:
Note that IPConfig is going to record the IP information for the terminal server and not the client ip.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now