<div>
You can do that by looking up the logon events in the Security Eventlog of all domain controllers which are in that AD site.<br />
Also make sure that all IP-addresses within that remote site are defined &nbsp;in &quot;AD Sites and Services/Sites/Subnets&quot; and these subnets are assigned to the AD site. In this way you are sure that all users within that site are only using these AD domain controllers.<br />
<br />
These are the most important event IDs.<br />
Logon/Logoff events<br />
&nbsp; Logon: 4624,4625,4648,4675<br />
&nbsp; Logoff: 4634,4647<br />
Account Logon events<br />
&nbsp; Kerberos: 4768,4769<br />
&nbsp; Credential Validation: 4774,4776<br />
Privilege Use events<br />
&nbsp; Special Logon: 4672
</div>


You can do that by looking up the logon events in the Security Eventlog of all domain controllers which are in that AD site.
Also make sure that all IP-addresses within that remote site are defined  in "AD Sites and Services/Sites/Subnets" and these subnets are assigned to the AD site. In this way you are sure that all users within that site are only using these AD domain controllers.

These are the most important event IDs.
Logon/Logoff events
  Logon: 4624,4625,4648,4675
  Logoff: 4634,4647
Account Logon events
  Kerberos: 4768,4769
  Credential Validation: 4774,4776
Privilege Use events
  Special Logon: 4672

<div>
On the local PCs you could run set in command prompt and take a look at what logon server is set to. &nbsp;Alternatively you could also run echo %logonserver%
</div>


On the local PCs you could run set in command prompt and take a look at what logon server is set to.  Alternatively you could also run echo %logonserver%

<div>
I think i need third party software than event viewer options.
</div>


I think i need third party software than event viewer options.

<div>
<div class="content wysiwyg-content">
Have separate AD site. A small remote site with few users. I am trying to find who is logged on to domain from that site. What is the best way to do that?
</div>
</div>


Have separate AD site. A small remote site with few users. I am trying to find who is logged on to domain from that site. What is the best way to do that?

logged on users in AD site

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.