Solved

Is there a way to retrieve computer name and who logged in active directory in windows server 2012

Posted on 2016-11-20
5
90 Views
1 Endorsement
Last Modified: 2016-11-23
Is there way to retrieve such information.
1
Comment
Question by:akosinoah
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 3

Expert Comment

by:Pune Tech
ID: 41894710
You need to first enable logon auditing to have Windows track which user accounts log in and when.

The Audit logon events setting tracks both local logins and network logins. Each logon event specifies the user account that logged on and the time the login took place. You can also see when users logged off.

http://www.howtogeek.com/124313/how-to-see-who-logged-into-a-computer-and-when/
1
 
LVL 23

Expert Comment

by:yo_bee
ID: 41894819
Are you looking to see who access AD and did changes?
Here is a link to a publish how to from MS

https://technet.microsoft.com/en-us/library/cc731607(v=ws.10).aspx
0
 
LVL 18

Accepted Solution

by:
Mal Osborne earned 500 total points
ID: 41895315
It is POSSIBLE, but awful difficult to get this data by parsing security logs on all DCs.

A better way is to set up scripts, push them out via group policy, and have them create text files with the data as you would like it. Pretty simple to set up, and works well. Just add the scripts as user login & logout scripts into a GPO and apply it.

Log In %Date% %TIME% %USERNAME% >> \\servername\Logs\Computer\%COMPUTERNAME%.log

Open in new window

Will give you a text file for each machine, with a line for each user logging in. (or out)

Log In %Date% %TIME% %COMPUTERNAME% >> \\servername\Logs\User\%USERNAME%.log

Open in new window

Will give you a text file for each user, with machines they logged into.
0
 
LVL 18

Expert Comment

by:Mal Osborne
ID: 41895323
Here is a big discussion about using login scripts for that purpose:

http://blogs.msmvps.com/kwsupport/2005/02/24/lazy-mans-way-to-track-user-logonlogoff/
0
 
LVL 1

Author Closing Comment

by:akosinoah
ID: 41898726
thank you
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question