?
Solved

Where is the client name or client computer name logged for Remote Desktop Session

Posted on 2013-01-23
14
Medium Priority
?
3,711 Views
Last Modified: 2014-10-09
Hello Experts,

I have a situation where knowing the name of the computer/client that logged into a terminal server would be most helpful.  We currently have a W2008 R2 RDS Gateway that controls access to a W2008 R2 terminal server.  When I look at current session in the Remote Desktop Session Manager I can see the client name.  However, after the user logs off I can't seem to find a record of that client/computer name in any of the logs.  I can find lots of information about the user but not about what client/computer the user was using.

Is there a log that records this information?

Thanks,
karislove
0
Comment
Question by:karislove
  • 6
  • 4
  • 2
  • +1
14 Comments
 
LVL 3

Expert Comment

by:ecebollero
ID: 38811294
(Server 2008 R2)

1. Open Server Manager > Diagnostics > Event Viewer > Applications and Service Logs > Microsoft > Windows > TerminalServices-LocalSessionManager
2. Click on either Admin or Operational

In the individual log files you'll find all the information you need.

(Disregard - just tested locally and not seeing "client" computer information in the log file - sorry.)
0
 

Author Comment

by:karislove
ID: 38811342
ecebollero.

I hit that wall also.  Thanks for trying.
0
 
LVL 57

Expert Comment

by:McKnife
ID: 38812537
Hi. Looked into it on Server 2012.
In the same log, see RemoteDesktopServices-RdpCoreTS
There you will find entries like
"The server accepted a new TCP connection from client 192.168.178.114:53419"

By the way, why is this info security related?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:karislove
ID: 38812658
McKnife,

Thanks for the tip.  I checked out a 2012 install that I have and the log is there.  However, the log is not present in 2008 R2.

Also, IP address is not what I am looking for.  I can get that multiple places.  I am looking for the client\computer name.

The reason it is in Security is because I thought that security experts might be familiar with this for auditing purposes.

karislove
0
 
LVL 3

Expert Comment

by:ecebollero
ID: 38822022
I don't have access to verify this, but wouldn't your DNS server capture the name of the client in the Reverse Lookup Zone?
0
 
LVL 57

Expert Comment

by:McKnife
ID: 38822190
... and if it's a non-static DHPCP address, you will be able to look into the logs of the DHCP to resolve the number to a name.
0
 

Author Comment

by:karislove
ID: 38822322
McKnife,

These computers are not domain joined computers.  Will the RDS Gateway capture that information from a computer that is not part of the domain?  If so where do I go to find it?

karislove
0
 
LVL 57

Expert Comment

by:McKnife
ID: 38822347
Please tell us if a DCHP server is in use or not. I don't see what the gateway should want with that information, so I tend to "no".
0
 

Author Comment

by:karislove
ID: 38822504
The clients that are connecting to the RDS gateway do not use the DHCP server on the gateway's domain.  The clients connecting to the gateway use the DHCP server of whatever network they use to get internet access.

Is that what you are looking for?

karislove
0
 
LVL 57

Accepted Solution

by:
McKnife earned 2000 total points
ID: 38822511
Yes. I see no way to get hold of the clients' computer's names.
0
 

Author Comment

by:karislove
ID: 38822556
That's unfortunate.  The client name is right there in the session manager on the terminal server while they are connected.  You would think that would be something to log.

Thanks for giving it a go.

karislove
0
 

Expert Comment

by:djtj74
ID: 40356987
Hello Karislove.

Did you ever succeed to find this answer. I am loggin at the same now. And are stuck.

Please let me knoe.

Best regards,
Thomas.
0
 

Author Comment

by:karislove
ID: 40357077
djtj74

Unfortunately, no.  I had to let this go.  I never found a way to determine which machine is connecting to the RDS gateway.  I had to come up with a bastardized method of controlling access from some machines.  Not a good solution but it is working at the moment.

karislove
0
 

Expert Comment

by:djtj74
ID: 40370572
Karislove, Thanks for answering.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Working from home is a dream for many people who aren’t happy about getting up early, going to the office, and spending long hours at work. There are lots of benefits of remote work for employees.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question