Solved

Is there a way to retrieve computer name and who logged in active directory in windows server 2012

Posted on 2016-11-20
5
63 Views
1 Endorsement
Last Modified: 2016-11-23
Is there way to retrieve such information.
1
Comment
Question by:akosinoah
5 Comments
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41894710
You need to first enable logon auditing to have Windows track which user accounts log in and when.

The Audit logon events setting tracks both local logins and network logins. Each logon event specifies the user account that logged on and the time the login took place. You can also see when users logged off.

http://www.howtogeek.com/124313/how-to-see-who-logged-into-a-computer-and-when/
1
 
LVL 22

Expert Comment

by:yo_bee
ID: 41894819
Are you looking to see who access AD and did changes?
Here is a link to a publish how to from MS

https://technet.microsoft.com/en-us/library/cc731607(v=ws.10).aspx
0
 
LVL 17

Accepted Solution

by:
Malmensa earned 500 total points
ID: 41895315
It is POSSIBLE, but awful difficult to get this data by parsing security logs on all DCs.

A better way is to set up scripts, push them out via group policy, and have them create text files with the data as you would like it. Pretty simple to set up, and works well. Just add the scripts as user login & logout scripts into a GPO and apply it.

Log In %Date% %TIME% %USERNAME% >> \\servername\Logs\Computer\%COMPUTERNAME%.log

Open in new window

Will give you a text file for each machine, with a line for each user logging in. (or out)

Log In %Date% %TIME% %COMPUTERNAME% >> \\servername\Logs\User\%USERNAME%.log

Open in new window

Will give you a text file for each user, with machines they logged into.
0
 
LVL 17

Expert Comment

by:Malmensa
ID: 41895323
Here is a big discussion about using login scripts for that purpose:

http://blogs.msmvps.com/kwsupport/2005/02/24/lazy-mans-way-to-track-user-logonlogoff/
0
 
LVL 1

Author Closing Comment

by:akosinoah
ID: 41898726
thank you
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now