Solved

How to enable audit and viewand monitor  the RDP users to the server

Posted on 2014-02-24
8
388 Views
Last Modified: 2014-05-26
I need to audit who access the server using the Remote Desktop Protocol. I want to see from which PC/IP and what time they connected. How can I enable this in windows 2008 and 2012 server. I have AD 2008 R2.
0
Comment
Question by:jobby1
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 6

Accepted Solution

by:
alexgreen312 earned 100 total points
ID: 39882248
ObserveIT is pretty decent

http://www.observeit.com/
0
 
LVL 12

Assisted Solution

by:ibrahim52
ibrahim52 earned 200 total points
ID: 39882259
You should visit the link below to have a better idea. Also, to be really honest FREE solution isn't there at all unless you are ready to stick with windows built-in feature of logs system which isn't good filtered.

Referred link :-
http://serverfault.com/questions/206085/are-there-any-rdp-activity-logs-windows-server-2008-r2
0
 
LVL 7

Assisted Solution

by:peea
peea earned 200 total points
ID: 39882294
> I want to see from which PC/IP and what time they connected.

This info can be available from firwall logs. Has the 2008 sever enabled logging on the LAN adapter?
0
 
LVL 12

Assisted Solution

by:ibrahim52
ibrahim52 earned 200 total points
ID: 39882914
in fact this info is also available in EVENT logs regarding who accessed the server what time and from which IP.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:jobby1
ID: 39884843
0
 
LVL 7

Assisted Solution

by:peea
peea earned 200 total points
ID: 39887552
One benefits of checking syslog or other firewall logs similar to syslog is for search ability. You can't simply do a full-text search aganist Windows Event Logs.

Windows Event Logs does provide some kind of searching fucntion: filter, but it however does not support full-text search and you have to deal with multple GUI fields for a simple search.
0
 

Author Comment

by:jobby1
ID: 39910650
How can I enable the auditing for RDP logins.
0
 
LVL 7

Expert Comment

by:peea
ID: 40091843
0

Featured Post

Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

Join & Write a Comment

In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now