<div>
Yep, pretty easy. <br />
<br />
Just assign a login script in ADUC, and have it do whatever. A common config is to just append username and time to a text file on the network.
</div>


Yep, pretty easy.

Just assign a login script in ADUC, and have it do whatever. A common config is to just append username and time to a text file on the network.

<div>
But this will log all user logons. I only want to record Domain Admins. I do not need to record Network Administrators etc.<br />
&nbsp; <br />
Let me know your thoughts.
</div>


But this will log all user logons. I only want to record Domain Admins. I do not need to record Network Administrators etc.
 
Let me know your thoughts.

<div>
Only assign the script to accounts you would like to monitor.
</div>


Only assign the script to accounts you would like to monitor.

<div>
It's a matter of determining if the user is in the Administrators role as part of the login script.<br />
<br />

<pre><code id="code-20-41485320-1">$windowsIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$windowsPrincipal = new-object 'System.Security.Principal.WindowsPrincipal' $windowsIdentity

if ($windowsPrincipal.IsInRole(&quot;Administrators&quot;))
{
    # Put your email logic here.
}</code></pre>
</div>


It's a matter of determining if the user is in the Administrators role as part of the login script.



$windowsIdentity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
$windowsPrincipal = new-object 'System.Security.Principal.WindowsPrincipal' $windowsIdentity

if ($windowsPrincipal.IsInRole("Administrators"))
{
    # Put your email logic here.
}

<div>
<div class="content wysiwyg-content">
Is it possible to send an email notification when a user logs on using a Domain Admin account? Or at the very least record the name, computer and date/time stamp and email this information a specific email address at the end of the week?<br />
&nbsp; &nbsp;<br />
The environment consists of Windows 2003-2012 RS servers.<br />
&nbsp; <br />
Thank you.
</div>
</div>


Is it possible to send an email notification when a user logs on using a Domain Admin account? Or at the very least record the name, computer and date/time stamp and email this information a specific email address at the end of the week?
   
The environment consists of Windows 2003-2012 RS servers.
  
Thank you.

Record and send email when a user logs on to a server using a Domain Admin account

Windows PowerShell is a task automation and configuration management framework from Microsoft, consisting of a command-line shell and associated scripting language built on the .NET Framework. PowerShell provides full access to the Component Object Model (COM) and Windows Management Instrumentation (WMI), enabling administrators to perform administrative tasks on both local and remote Windows systems as well as WS-Management and Common Information Model (CIM) enabling management of remote Linux systems and network devices.

Powershell

The term 'shell' refers to a general class of text-based command interpreters most often associated with the UNIX and Linux operating systems. Popular shells include Bourne, Debian Almquist (dash), Korn (ksh), Bourne Again (bash) and the C shell family (csh). Some view the DOS 'cmd' prompt as a minimal shell of sorts. It is also possible to install Cygwin on Windows and emulate a full Unix environment with complete shell capabilities. Terminal emulators, such as xterm, GNOME Terminal and OS X Terminal, can be used to access shell.

Shell Scripting

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.