Carl Billington
asked on
Record and send email when a user logs on to a server using a Domain Admin account
Is it possible to send an email notification when a user logs on using a Domain Admin account? Or at the very least record the name, computer and date/time stamp and email this information a specific email address at the end of the week?
The environment consists of Windows 2003-2012 RS servers.
Thank you.
The environment consists of Windows 2003-2012 RS servers.
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
But this will log all user logons. I only want to record Domain Admins. I do not need to record Network Administrators etc.
Let me know your thoughts.
Let me know your thoughts.
Only assign the script to accounts you would like to monitor.
It's a matter of determining if the user is in the Administrators role as part of the login script.
$windowsIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$windowsPrincipal = new-object 'System.Security.Principal.WindowsPrincipal' $windowsIdentity
if ($windowsPrincipal.IsInRole("Administrators"))
{
# Put your email logic here.
}
Just assign a login script in ADUC, and have it do whatever. A common config is to just append username and time to a text file on the network.