Solved

User Accessing Server 2008 R2

Posted on 2013-01-31
6
178 Views
Last Modified: 2013-05-02
I suspect a user might be playing around in Active Directory and wondering if there is a way to find out who has been logging on to the server? She had reset her password for the domain and I think she may have done that on her own without my permission - so want to see if she is indeed getting into the server somehow....is there a way to find out?
0
Comment
Question by:Vicki Knutsen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
6 Comments
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38840189
0
 
LVL 1

Author Comment

by:Vicki Knutsen
ID: 38840223
wow a free tool that might help me figure this out- awesome - thanks - will try it out and see if it gives me the information I am looking for.
0
 
LVL 16

Expert Comment

by:choward16980
ID: 38840299
How are they accessing?  RDP, VNC, Logmein, or physically?
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 
LVL 1

Author Comment

by:Vicki Knutsen
ID: 38840308
I don't know for sure  - not physically logging in - would have to be RDP or VNC  - something like that probably.
0
 
LVL 23

Expert Comment

by:Thomas Grassi
ID: 38841069
When the RDP in the user account should not have administrator priviledges.

Also time to change the VNC password. If they need to VNC setup VNC with a read only password give them that one.
0
 
LVL 16

Accepted Solution

by:
choward16980 earned 500 total points
ID: 38841142
Something that malicious should be documented.  Just record their user sessions on their workstations and catch them in the act:

Install UltraVNC:
http://www.uvnc.com/downloads

Record their sessions:
http://www.uvnc.com/screenrecorder/

HIde the VNC icon:
http://forum.ultravnc.info/viewtopic.php?p=36056
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question