Solved

Where is the client name or client computer name logged for Remote Desktop Session

Posted on 2013-01-23
14
3,029 Views
Last Modified: 2014-10-09
Hello Experts,

I have a situation where knowing the name of the computer/client that logged into a terminal server would be most helpful.  We currently have a W2008 R2 RDS Gateway that controls access to a W2008 R2 terminal server.  When I look at current session in the Remote Desktop Session Manager I can see the client name.  However, after the user logs off I can't seem to find a record of that client/computer name in any of the logs.  I can find lots of information about the user but not about what client/computer the user was using.

Is there a log that records this information?

Thanks,
karislove
0
Comment
Question by:karislove
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 2
  • +1
14 Comments
 
LVL 3

Expert Comment

by:ecebollero
ID: 38811294
(Server 2008 R2)

1. Open Server Manager > Diagnostics > Event Viewer > Applications and Service Logs > Microsoft > Windows > TerminalServices-LocalSessionManager
2. Click on either Admin or Operational

In the individual log files you'll find all the information you need.

(Disregard - just tested locally and not seeing "client" computer information in the log file - sorry.)
0
 

Author Comment

by:karislove
ID: 38811342
ecebollero.

I hit that wall also.  Thanks for trying.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 38812537
Hi. Looked into it on Server 2012.
In the same log, see RemoteDesktopServices-RdpCoreTS
There you will find entries like
"The server accepted a new TCP connection from client 192.168.178.114:53419"

By the way, why is this info security related?
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:karislove
ID: 38812658
McKnife,

Thanks for the tip.  I checked out a 2012 install that I have and the log is there.  However, the log is not present in 2008 R2.

Also, IP address is not what I am looking for.  I can get that multiple places.  I am looking for the client\computer name.

The reason it is in Security is because I thought that security experts might be familiar with this for auditing purposes.

karislove
0
 
LVL 3

Expert Comment

by:ecebollero
ID: 38822022
I don't have access to verify this, but wouldn't your DNS server capture the name of the client in the Reverse Lookup Zone?
0
 
LVL 54

Expert Comment

by:McKnife
ID: 38822190
... and if it's a non-static DHPCP address, you will be able to look into the logs of the DHCP to resolve the number to a name.
0
 

Author Comment

by:karislove
ID: 38822322
McKnife,

These computers are not domain joined computers.  Will the RDS Gateway capture that information from a computer that is not part of the domain?  If so where do I go to find it?

karislove
0
 
LVL 54

Expert Comment

by:McKnife
ID: 38822347
Please tell us if a DCHP server is in use or not. I don't see what the gateway should want with that information, so I tend to "no".
0
 

Author Comment

by:karislove
ID: 38822504
The clients that are connecting to the RDS gateway do not use the DHCP server on the gateway's domain.  The clients connecting to the gateway use the DHCP server of whatever network they use to get internet access.

Is that what you are looking for?

karislove
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 38822511
Yes. I see no way to get hold of the clients' computer's names.
0
 

Author Comment

by:karislove
ID: 38822556
That's unfortunate.  The client name is right there in the session manager on the terminal server while they are connected.  You would think that would be something to log.

Thanks for giving it a go.

karislove
0
 

Expert Comment

by:djtj74
ID: 40356987
Hello Karislove.

Did you ever succeed to find this answer. I am loggin at the same now. And are stuck.

Please let me knoe.

Best regards,
Thomas.
0
 

Author Comment

by:karislove
ID: 40357077
djtj74

Unfortunately, no.  I had to let this go.  I never found a way to determine which machine is connecting to the RDS gateway.  I had to come up with a bastardized method of controlling access from some machines.  Not a good solution but it is working at the moment.

karislove
0
 

Expert Comment

by:djtj74
ID: 40370572
Karislove, Thanks for answering.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question