?
Solved

Active Directory:  Monitoring Local and Remote Logins

Posted on 2014-02-24
3
Medium Priority
?
312 Views
Last Modified: 2014-04-07
Hello Experts!

    What would be the best way to monitor local and remote log-ins with the same account?  For example, lets say that I wanted to see if someone was logging in normally with their network account but also logging in remotely (via VPN) with their account as well.  Sharing their credentials in other words.    

      e.g.  I log into my account with my network credentials, then call John Doe and and share my log in credentials with him.  He then logs in via the VPN with my credentials.  Is there a way to track that or a script of some sort that could help keep tabs on this behavior?
0
Comment
Question by:itsmevic
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 5

Accepted Solution

by:
Pankaj_401 earned 1000 total points
ID: 39884893
Hi Itsm,
You can download AD auditor tool from this MS-networking utility link(http://technet.microsoft.com/en-us/sysinternals/bb795532.aspx) to monitor local and remote log-ins in active directory.
Additionally, you can have also explore this link(http://www.activedirectoryaudit.com/) which seems fit in your required AD environment.
0
 
LVL 9

Assisted Solution

by:VirastaR
VirastaR earned 1000 total points
ID: 39885736
Hi,

You can achieve this through reviewing Security Events

Tracking User Logon Activity Using Logon Events
http://blogs.msdn.com/b/ericfitz/archive/2008/08/20/tracking-user-logon-activity-using-logon-events.aspx

PFA - Quick Reference Charts of Events.

Hope that helps :)
0
 

Author Closing Comment

by:itsmevic
ID: 39984600
Fantastic input, thank you both!
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses
Course of the Month11 days, 23 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question