How do I identify the Active Directory user if I have an IP address and Computer Name?

How do I identify the Active Directory user if I have an IP address and Computer Name?

I have users within a small LAN that constantly stream audio and video and it is killing our bandwidth.  I have a Cisco ASA 5510 and am able to see the Top 10 Sources which will give me the IP address; however, when I go into Active Directory's DNS Management, and Forward Lookup Zones, it only lists the Machine/PC name on the network.  Upon setup, I used the Dell service tag number to name the workstations; therefore, I am unable to exactly identify which user is hogging all the network bandwidth resources.  

How to I match the LAN IP address:  192.168.0.x after having the PC/Workstation node Name, to the Actual NAME of the user in Active Directory users??
mycoal_2006Asked:
Who is Participating?
 
Joseph MoodyBlogger and wearer of all hats.Commented:
Look up the IP in DHCP. The computer name will be beside it.

Next open up regedit - click file connect network registry. Connect to the computer name above.

On the remote registry, browse to HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon. Look for the key defaultusername

You can also browse to \\COMPUTERNAME\c$. Look in either Documents and Settings or Users (depending on OS). Sort by date modified. The newest profile will be your logged on user. If it is Vista/7, it will be even easier. The profile will have a lock over it.
0
 
Justin OwensITIL Problem ManagerCommented:
Been a while since I have tried this from a Windows 2003 server, but from a command line, try

WMIC /NODE: COMPUTERNAME GET USERNAME

Where COMPUTERNAME is the computer name you are wanting to query.

DrUltima
0
 
mycoal_2006Author Commented:
Jmoody10
Absolutely Brilliant!  Thank you!  Is that in a Windows Server 2003 WROX or MS-Press book anywhere ... meaning... I have some MS books ... no real time to read ... but if information like that is within the book, I will certainly open it up more often and read it...or is it a combination of experience, and intuitive knowledge based on combined experience over time with using MS Server 2003 and Active Directory??

DrUltima:  I went to the command line in Server 2003 and the command you suggested did not work...I was in the root of C:\ when I ran the following command:   WMIC /NODE:  (computername) GET USERNAME...no dice...your thoughts??

Thank you both for your super fast response!  

One last question:  when I identify the IP address, the Computername and Username...what is the cleanest' way to KILL the session??  

Thank you!
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
Joseph MoodyBlogger and wearer of all hats.Commented:
What do you mean "kill the session"?

Most of it is knowledge picked up through working. If you haven't, look at taking the 70-642 exam. It will teach you a lot about how networks are tied to AD.
0
 
mycoal_2006Author Commented:
Super fast and very relevant.  Perfect.  Worth my one-year membership and then some!
0
 
mycoal_2006Author Commented:
In UNIX there is a command to kill a process by ID...a number...but if I find that one workstation is hogging up 90% of the network resources and I'm in another building or working remotely, is there a way to "Stop" the user or remove them from the network or disable them somehow...remotely via a command that removes them from being allowed to access WAN/Internet resources that are harmful to the internal LAN environment..."Shut Them Down?"

Thanks again!
0
 
Joseph MoodyBlogger and wearer of all hats.Commented:
There are multiple ways of doing that.

You could create an access list in a router that blockes them.
You could purchase a packetteer (a networking device designed to limit bandwidth usage)
You could set up Network Access Protection
You could move the port to an empty VLAN that doesn't route.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.