Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Window 2012 Server Audit

Posted on 2016-08-18
5
Medium Priority
?
36 Views
Last Modified: 2016-09-08
I want to audit a user in our domain on when they have logged in and logged out of the domain for the last week.

Where could I find this information?

Thanks!

Kevin
0
Comment
Question by:kheaney
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 1000 total points (awarded by participants)
ID: 41761451
On the domain controller(s) in the Security Event Log*.

*Assumes that you had the auditing security policy configured for the last week.
0
 

Author Comment

by:kheaney
ID: 41761467
Is there a way to audit logon/logoff on the local computer itself?
0
 
LVL 30

Assisted Solution

by:Rich Weissler
Rich Weissler earned 1000 total points (awarded by participants)
ID: 41761485
Yes.  It'll be in the Security Event Log on the local computer, but only for login/logoff events while auditing security policy for login/logoff events is turned on for the local computer.
0
 
LVL 1

Assisted Solution

by:saumik belel
saumik belel earned 1000 total points (awarded by participants)
ID: 41763703
Have a look on below given informative blog post:

How to Audit Successful Logon/Logoff and Failed Logons in Active Directory: http://www.lepide.com/blog/audit-successful-logon-logoff-and-failed-logons-in-activedirectory/
0
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 41789221
Question abandoned
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question