Avatar of bubaibhatta
bubaibhatta asked on

Users Log on history in a domain

Hi Experts,

I want to know if there is a simple way to identify any user's login activities for past one week or so? I tried my best to search something like this but could not find any.

Our domain is on Windows 2003.
Active DirectoryVB ScriptWindows Server 2003

Avatar of undefined
Last Comment
piattnd

8/22/2022 - Mon
SOLUTION
Sarang Tinguria

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Mike Kline

Does the user generally logon from one PC or multiple?

Thanks

Mike
SOLUTION
Sandesh Dubey

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
bubaibhatta

so first thing that I need to enable auditing, right?
piattnd

You can use auditing from this point forward, yes.  If you need to capture data in the past though, auditing won't do any good if it's not already on and you'll need to reference the security logs.
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
ASKER
bubaibhatta

Since auditing was not enable at this point of time, I have enabled that.
What should  be the next steps?
piattnd

You're not being too clear here, what are you trying to do?

If you need to find out who logged in when in the past week, then you enabling auditing will do nothing for achieving that task.  You need to parse through the security logs to find the information (assuming your logs go back that far)

If you don't need past data and you just want the "from here on out" data, now you sit and wait, then review the audit information.
Pankaj_401

its pretty simple with this tool you should try it at once as it audit complete AD you can as many of domain it it and get the desired reports

http://www.activedirectoryaudit.com/
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
bubaibhatta

Piattnd, sorry for my unclearity. I dont want to get into past data. I want  "from here on out" data.

Our Domain has five sites and each have one ADC in place. What I understood that when a user logs in to domain from a site, that info will be available to system log file of that site ADC. Am I correct here?

One more thing : now how to I turn on global DC Auditing ?
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.