Solved

Reporting on user's log in/out times in Active Directory without using the event log

Posted on 2012-12-27
9
690 Views
Last Modified: 2014-08-02
Hello everyone, a department manager I work with is asking for a way to report on selected users for when they log in/out of the network (Active Directory) and the only way I know of is in the event logs and depending on what domain controller they authenticate on it's then logged into that event log on that server.  Does anyone know if Microsoft has a more efficent way to see this data or maybe a 3rd party product for this?

Thank you everyone.
0
Comment
Question by:jbishop2446b
9 Comments
 
LVL 21

Accepted Solution

by:
mcsween earned 500 total points
ID: 38724547
Do you have a SQL server there?  You could create a database on the server with a table called emp_logins with the columns
userid
login_off_datetime
login_or_logoff

Then run this script as part of the user's logon script
Set wshNetwork = CreateObject("WScript.Network")
Dim OdbcDSN, connect, sql, resultSet, strUsername

strUsername = wshNetwork.UserName
OdbcDSN = "Driver=SQL Server;Server=YOURSQLSERVER;UID=someuser;PWD=somepassword;Database=somedatabase"
Set connect = CreateObject("ADODB.Connection")
connect.Open OdbcDSN

sql="insert into emp_logins (userid,login_off_datetime,login_or_logoff) values ('" & strUsername & "',getdate(),'I')"

Set resultSet = connect.Execute(sql)

Open in new window


And this script as a user logoff script
Set wshNetwork = CreateObject("WScript.Network")
Dim OdbcDSN, connect, sql, resultSet, strUsername

strUsername = wshNetwork.UserName
OdbcDSN = "Driver=SQL Server;Server=YOURSQLSERVER;UID=someuser;PWD=somepassword;Database=somedatabase"
Set connect = CreateObject("ADODB.Connection")
connect.Open OdbcDSN

sql="insert into emp_logins (userid,login_off_datetime,login_or_logoff) values ('" & strUsername & "',getdate(),'O')"

Set resultSet = connect.Execute(sql)

Open in new window


To run a report just execute the query in SQL Query Analyzer
SELECT * FROM emp_logins WHERE userid = 'SomeUserName'

Open in new window


Make sure you update the values in the script for
YOURSQLSERVER
someuser
somepassword
somedatabase
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38724567
You could create a simple logon/logoff script, example below

http://msmvps.com/blogs/kwsupport/archive/2005/02/24/36942.aspx

event logs like you said can track it but consolidating and searching them can be a pain depending on how many DCs you have.

Thanks

Mike
0
 
LVL 21

Expert Comment

by:mcsween
ID: 38724569
I forgot to mention in case it's not obvious; my code is in vbscript (.vbs).
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:jbishop2446b
ID: 38724590
Thank you so much! I'm going to try this out now, I've never used a logoff script but will figure that out in AD.  I'll come back soon and accept the solution!  ;)
0
 

Author Comment

by:jbishop2446b
ID: 38724602
Thank you "mcsween"!  I have a .vbs script I use for mapping sharepoint to a network drive and will test your solution out.  J
0
 
LVL 21

Expert Comment

by:mcsween
ID: 38724604
You can do logon and logoff scripts from Group Policy.

User Configuration, Windows Settings, Scripts (Logon/Logoff)
0
 
LVL 4

Expert Comment

by:palicos
ID: 38726335
You have two ways to do this without event log.

First, you can use this link to audit the login/logout activity of the users.

http://help.isdecisions.com/winreporter/english/Reference/EventLogReports/LogonLogoff_Activity.htm

Moreover, in case you dont want to use the logs then you can use third party tool for AD auditing but these tools are not free.
0
 

Author Closing Comment

by:jbishop2446b
ID: 39041969
FANTASTIC, thank you so much and sorry for getting back to you so late.  I just recently implemented.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question