Solved

Need to obtain list of AD users matching them with their computers.

Posted on 2015-02-05
6
89 Views
Last Modified: 2015-03-03
We are being asked to deploy software to a list of users.  However, our deployment software can only push  to computers, not users.  Is it possible to generate an AD query that would match users with the computers that they have logged on to?  We have a Windows 2003 domain currently.  Please accept my apology if this question has already been answered.  Thank you!
0
Comment
Question by:rroati-prov
  • 3
  • 2
6 Comments
 
LVL 26

Expert Comment

by:pony10us
ID: 40591590
AD does not connect users with computers.  Unless you set the logon to option on a users account they are able to log on to any computer.
0
 

Author Comment

by:rroati-prov
ID: 40591605
Thanks, pony10us.  You are correct, we allow our users to logon to any computer.  However, is it possible to determine through AD the last computer they logged onto?
0
 
LVL 26

Accepted Solution

by:
pony10us earned 500 total points
ID: 40591701
We have built a logon script that creates a text file of computer and user and send that to our syslog server.

A one liner would be something like:

echo Log In %Date% %TIME% %C"OMPUTERNAME% %USERNAME% >> \\servername\Logs\User\logon_history.log
0
 

Author Comment

by:rroati-prov
ID: 40598692
Hi Satyendara, Thanks for pointing me to the Lepide Last Logon Reporter Tool, it looks like a good tool to find when users last logged on, but from what I see, it does not provide the computer name.
Pony10us, your idea appears to be the best thing we can do.  I am going to accept your response as the solution.  Thank you!

Thanks,
Richard
0
 
LVL 26

Expert Comment

by:pony10us
ID: 40598775
Glad I could help.  I also looked at Lepide and didn't see where it provided the computer name.  Otherwise it looks like a very nice tool.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Authentication -ldap 1 22
Restrict access to Active Directory Users and Computers 9 57
Domain Logon scripts 14 48
Internal SSO broken in Windows 2008 R2 AD environment 5 32
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question