Who is logged into my Windows 2008 and 2003 servers in Active Directory

Posted on 2012-08-23
Last Modified: 2012-09-12
I need to check everyday to see who is logged into my production Windows servers.
How is that best and quickly accomplished for 30 servers?
Question by:lanman777
    LVL 53

    Accepted Solution

    You can do this via powershell. Take a look at the following link for all the details...

    Hope this helps!
    LVL 13

    Expert Comment

    Group Policy:

    Computer Configuration -> Windows Settings -> Security Settings -> Audit Policy:

    Audit account logon events
    Audit Logon events

    Then you can Filter the events in your Security logs in Even Viewer to display Success Audits only (user successfully logged in) and if you're looking for someone specific you can fill their credentials Domain\Username into the User field.

    Once the filter is setup, it should remain until you uncheck it.
    LVL 7

    Expert Comment

    As xDUCKx says, auditing is the only way to be sure but if you want a quick and dirty who is logged on NOW I would use psloggedon from Sysinternals (part of Microsoft).  You can find the details and download link here ==>

    It can be scheduled to run every hour if you wish.  You can then use psshutdown to log the user off as well if you need to.

    Hope this helps

    LVL 16

    Expert Comment

    As Priz stated, PsLoggedOn is a quick way to determine who is logged on it NOW.

    If you want something more substantial, you can set up a logon and logoff script to "timestamp" with the user's logon name whenever they log on or off the server and have that info displayed on the machine's Description attribute (or any other attribute) in Active Directory. Just make sure Authenticated Users have "write" access to the Description field in AD (they should already by default).

    We have a similar setup right now for all machines- makes it easy to locate a user's machine versus trying to get the user to tell us what machine they're one.

    And if you ever wanted a report, you could do a query in AD and export to an Excel spreadsheet.

    The only downside is that the field would be overwritten anytime someone logs off/on the machine so it won't be a "real" recordkeeping method, but more of a "last logged on/off" deal.

    Logon script: (you would change to "logoff" for the logoff script)
    Set objSysInfo = CreateObject("ADSystemInfo")
    Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
    Set objComputer = GetObject("LDAP://" & objSysInfo.ComputerName)
    strMessage = objUser.CN & " - logged on at " & Now & "."
    objComputer.Description = strMessage

    Open in new window


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Promote certifications in your email signature

    Has your company recently won an award or achieved a certification? They'll no doubt want to show it off. Email signature images used to promote certifications & awards can instantly establish credibility with a recipient and provide you with numerous benefits.

    You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
    This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now