?
Solved

Audit log of what time users log on to their computer in a certain office using Windows 2008 Active Directory/Group Policy

Posted on 2012-08-20
3
Medium Priority
?
733 Views
Last Modified: 2012-08-20
I’ve been asked if it’s possible to create a log of what time users log on to their computer in a certain office within the company.

All users in that department are in their own OU.

Is there the ability to audit log this within AD/Group Policy on a domain ?

I'll need to easily provide the log weekly to the head of that department.

Not sure of the HR implications on this or what happens if a user just locks their computer on an evening when they go home. Will that have an effect on logging in the next day ?

Anyway, it’s just a question at the moment so need to know if and how this can be done if possible.

Thank you for your time.
0
Comment
Question by:rookeydooks
  • 2
3 Comments
 
LVL 13

Accepted Solution

by:
Xaelian earned 2000 total points
ID: 38311235
Hi,

You can create log-in and logoff script for it.

       
Set up a Share on the network.

The batch file is actually two files. One runs at user log on and one runs at user log off. When the batch files run, they create a rolling log file with the details in a shared network folder.

1) Create a shared folder on the network. Mine is called Logs$ (so it's invisible for the users when they access the computer through the network). Everyone should have read/write access to this share.
2) In that folder, create a folder called User and a folder called Computer.
            
Create the batch files.

Copy and Paste the following into two separate text files. When you save them, remember to change the file type to .bat

Name: Log On.bat

rem The following line creates a rolling log file of usage by workstation
echo Log In %Date% %TIME% %USERNAME% >> \\servername\Logs$\Computer\%COMPUTERNAME%.log

rem The following line creates a rolling log file of usage by user
echo Log In %Date% %TIME% %COMPUTERNAME% >> \\servername\Logs$\User\%USERNAME%.log

Name: Log Off.bat

rem The following line creates a rolling log file of usage by workstation
echo Log Off %Date% %TIME% %USERNAME% >> \\servername\Logs$\Computer\%COMPUTERNAME%.log

rem The following line creates a rolling log file of usage by user
echo Log Off %Date% %TIME% %COMPUTERNAME% >> \\servername\Logs$\User\%USERNAME%.log

Put these files in the Logs folder.

      
Add the batch files to group policy.

You do this on your User Container GPO.

User Configuration > Windows Settings > Scripts

Add Log In.bat to the Logon scripts box and Log Off.bat to the Logoff scripts box.
0
 

Author Comment

by:rookeydooks
ID: 38312155
Perfect.. Works a treat !

Thank you so much for your help Xaelian. Very clear instructions.
0
 

Author Closing Comment

by:rookeydooks
ID: 38312159
Exactly what i was looking for and explained in very easy to follow steps.

Thank you so much Xaelian.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
High user turnover can cause old/redundant user data to consume valuable space. UserResourceCleanup was developed to address this by automatically deleting user folders when the user account is deleted.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question