Solved

How to audit user's session time on Windows 2003

Posted on 2009-04-06
5
348 Views
Last Modified: 2012-05-06
Hi Experts:

I need to a report to tell me how long a user's session time is. Could someone tell me how to get this information on Windows server 2003?
The server is not in a domain envirnment.

Thanks
0
Comment
Question by:changjia
  • 3
  • 2
5 Comments
 
LVL 31

Expert Comment

by:DrUltima
Comment Utility
Do you want to audit console session, TS session, or both?
0
 

Author Comment

by:changjia
Comment Utility
both sessions.
0
 
LVL 31

Expert Comment

by:DrUltima
Comment Utility
I am not sure of a neat way or tool to do this automatically, but you can turn on Auditing in Server 2003 to allow for you to log both the log on times and the log off times.  You could manually calculate the different or export the logs into some sort of database to parse and calculate the info.

Alternately, you could use GPO to have login scripts and log off scripts.  When invoked, you could dump the user and time data into a SQL (or db of your choice) database.  I use login scripts and logoff scripts on various servers in my domain at a domain level GPO, but you could just as easily set up the GPO on the local machine only.  If you don't have a running DB you want to dump to, you could set up MSSQL 2005 lite (or MSDE) on your local 2003 server.
0
 

Author Comment

by:changjia
Comment Utility
how to turn on auditing on the server to log both the log on times and log off times? what are the event id that I should look for?

Thanks

0
 
LVL 31

Accepted Solution

by:
DrUltima earned 500 total points
Comment Utility
To enable auditing locally in Windows Server 2003, open the Control Panel, Administrative Tools, and double click Local Security Policy. Expand Local Policies and select Audit Policy.  Look for:

Audit Account Logon Events

This tracks user logon and logoff events.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
This video discusses moving either the default database or any database to a new volume.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now