Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

User access Logging

Posted on 2012-04-09
Last Modified: 2012-08-13
Hello All,

I'm trying to see if it's possible to see how many times a user has logged into a terminal server (specific dates, times, etc.)

Is this something that is possible?
Question by:Timothy McCartney
  • 2
  • 2
  • 2
LVL 37

Expert Comment

by:Neil Russell
ID: 37823382
Easiest way is with your login script.  Just have it output to a text log file somewhere with the computername, user name, date, time, LOGON or LOGOFF

Author Comment

by:Timothy McCartney
ID: 37823392
Not positive exactly how one would do that, could you elaborate a little bit more?

Also, if this option had not been in place, is there another way to find this information out? We've had a bit of a security issue and need to try to determine when a user has been logging into a particular sever.
LVL 17

Expert Comment

ID: 37823402
you can check in the event log for the user login and logoff.
Event IDs 528 and 540 signify a successful logon, event ID 538 a logoff
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

LVL 17

Expert Comment

ID: 37823407
LVL 37

Accepted Solution

Neil Russell earned 500 total points
ID: 37823431
The event log will ONLY be any use if you have enabled all the correct Auditing policies AND will only be as useful as the size of your event log allows.....

in a log in script just do something like.....

echo User %USERNAME% logged into computer %COMPUTERNAME% on %DATE% at %TIME% >> \\servername\logins$\logons.log

Author Closing Comment

by:Timothy McCartney
ID: 37824107
It looks like the required auditing policies were not in place. The security log only shows a handful of entries, none of which are related to logons/offs.

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AD Migration / Upgrade 4 56
Auslogics BoostSpeed 9 software 5 78
Task with PowerShell Script is failing with 0x41301 7 120
2003 File Server upgrade 11 66
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question