• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 622
  • Last Modified:

Logging Remote Desktop activities to the win2008R2 server

Dear,
How can I Log all Remote Desktop activities to the win2008R2 server?
Thx
0
hassanayoub85
Asked:
hassanayoub85
  • 5
  • 4
  • 2
1 Solution
 
motnahp00Commented:
Auditing encompasses a lot of areas.

Here's what I configure on my servers:

Audit account logon events -> Success, Failure
Audit account management -> Success, Failure
Audit directory service access - Failure
Audit logon events -> Success, Failure
Audit object access -> Failure
Audit policy change -> Success
Audit privilege use -> Failure
Audit process tracking -> Not defined
Audit system events -> Success
0
 
hassanayoub85Author Commented:
Dear all,
All what I want is to know what IP addresses and MACs for the users logging in to mys erver remotely, and any other info can I achieve.
Thx
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Darius GhassemCommented:
Well I'm not 100% you will be able to gather all information like MACS but you will get IP addresses

Another third-party tool http://www.terminalserviceslog.com/blog/index.php/2010/01/11/configuring-auditing-for-windows-servers/
0
 
motnahp00Commented:
The logs will provide you a hostname. You can get figure out the mac using getmac /s <hostname>.
0
 
hassanayoub85Author Commented:
Does Observe It Allow me to record the activities only when remote connection is running?
0
 
Darius GhassemCommented:
No this records all types of events
0
 
hassanayoub85Author Commented:
I am searching for a tool which records only activities for the Remote connected users.
0
 
Darius GhassemCommented:
You can NOT just get Remote Desktop Events. There is no such thing as Remote Desktop Auditing you must turn on auditing which audits other Events.
0
 
hassanayoub85Author Commented:
found a faster solution.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 5
  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now