Are my users active on the network

Posted on 2013-01-23
Medium Priority
Last Modified: 2013-01-28
Monthly I do windows updates on all my servers,  I usually begin this at 10:00 PM.  After the windows updates I need to reboot servers and test.  Sometimes I do this over the course of two or three nights.

My problem is I have a remote office that some of the users work till 1:00 or 2:00 AM and if I reboot servers they are on they are not happy campers.

These users previously connected to the main office using Citrix and I was easily able to tell who was logged in and if there citrix session was active.  If it was inactive for 30 minutes or so,  I would just log the session off.  once I was sure the users werent activily woprking then i would be comfortable with the reboot.

Now they no longer connect through citrix and they are just logging into the Windows 2008 Domain.  My problem is many users when they are done for the day they just lock there computers.  So technically the are logged in but for my purposes I would be able to reboot the servers.

Each users computer is windows 7, connected to an Active directory 2008 Domain,  we use outlook 2010,  exchange 2007.

How can I tell:
1. Who is logged in ?
2. If the logged in users are activiley working ?

Thanks for your assistance.
Question by:Ekuskowski
  • 2
  • 2
LVL 57

Accepted Solution

Mike Kline earned 750 total points
ID: 38810838
You can use the lastlogon attribute or try to comb the event logs but that is going to be tough  to know who is "working".  You could look at exchange logs or IIS logs if using OWA.

What I'd suggest is sending out an email once a month saying there will be maintenance.  Give them a two hour window  (after hours) and just let them know services may be unavailable during that time.  The servers need to be patched.

We did something similar this week because we are moving Exchange mailboxes and we sent out a mass email saying services might not be available between midnight and 3 AM while their mailbox is moved.


LVL 23

Assisted Solution

by:Thomas Grassi
Thomas Grassi earned 750 total points
ID: 38810858
Active Directory domains don't maintain 'session state', it's just a directory, you won't be able to retrieve a list of logged in users.

You could, in a logon script, create a line that makes a file?

Something like?

net time >> \server\logonlogs\%username%.txt

Then in a logoff script del %username%.txt

Found this also


Author Comment

ID: 38811543
Problem is my users complain anytime we do maintenance,  I could send out an email and I'll get 20 responses that I cant do maintenance because they absolutely need access to the system,  then I could check and no one will be logged in.  If I could find the info without the notification would be better .  

Logon and logoff doesnt really tell me if they are working,  of course logoff tells me they are not connected but if i have people logon and they dont logoff instead they just lock the computer,  I wouldnt know if they are working.

I'll check out some of these scripts but a quick look doesnt seem to find what i need  http://www.rlmueller.net but these scripts seem pretty useful for other uses.
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38811574
Do what I do just send out a broadcast message to all network users
System will shutdown in 10 mins for Maintenance Please logoff

net send was the method but not on Windows 7 and Windows 2008 no more net send

For the windows 7 computers I found a program winmessenger that works nicely.

For Windows 2008 server I found a program called sent which also works well

I then setup a batch file shutdown.cmd which sends the message to all computers on the domain
LVL 57

Expert Comment

by:Mike Kline
ID: 38811709
What if you patch at 2 AM on Saturday morning (Use WSUS and schedule it).  Would they still complain?



Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
A simple method to resolve a "keyboard not working" problem by modifying the Windows registry. This issue can often be encountered after using the VMware vCenter Converter Standalone Agent to perform a Physical-to-Virtual (P2V) conversion process.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question