Solved

I would like to know which users are logging on to which computers in AD 2003.

Posted on 2009-05-19
6
261 Views
Last Modified: 2013-11-25
I'm trying to create an inventory list to link users to the computers they log into.  Is there a query in AD that can accomplish this?  I've seen inactive user and computer queries, but just can't seem to get the info I'm looking for.  

Thanks
0
Comment
Question by:lakeview108
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 15

Expert Comment

by:zelron22
ID: 24424775
If you have Symantec antivirus, the management console will show you who is logged into a given computer.

Alternatively, you could add a line to a login script that updates a file with %username% and %computername%.  Put the file somewhere users can access, such as a hidden share called \\servername\userpclogs$.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 24424833
To follow up zelron's comment you can look at this article
http://support.microsoft.com/kb/556015
How to track users logon/logoff
You can also track events on your DCs (security log).  Third party event management tools can help with that (but they are not cheap)
Thanks
Mike
 
0
 

Author Comment

by:lakeview108
ID: 24424906
mkline71, I have the auditing features turned on, but on the DC I only get ComputerName logon/logoff events and the userID only reiterates the ComputerName.  I've looked at the 3rd party tools, but they are very expensive and to much for the budget right now.  I was really hoping for free.  ;-)
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 26

Accepted Solution

by:
Pber earned 500 total points
ID: 24425697
Unfortunately Windows doesn't make this easy.
A while ago I came across this solution, it required some permission changes to the description attribute in AD, but none the less, cool solution:
http://www.experts-exchange.com/Programming/Languages/Visual_Basic/VB_Script/Q_23509035.html
further info:
http://share.intelliem.com/cs/blogs/danholme/archive/2008/05/11/populate-computer-description-field-with-information-about-the-logged-on-user.aspx 
0
 

Author Closing Comment

by:lakeview108
ID: 31583145
Pber, that wasn't exactly what I was looking for but that's only because I wasn't looking in the right direction.  Thanks a bunch for that script and the further info, it was very helpful!  
0
 
LVL 26

Expert Comment

by:Pber
ID: 24426353
Glad to help.  Alternately, you can generate log file(s) on a share somewhere in your network that all users write to when they logon to the network.  Then you can just look in that one area.  This is what we do.   You can then process the files and import them into a database and manipulate the data any way you like.  Good for stuff like daily logs, user or computer specific logs.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question