Script or program to see who is logged in where in the complete domain

How many systems? Something that can say who is logged on everywhere is almost always a problem of scale. If you have 30 computers, it's easy. If you have 5000, the burden of checking is a bit daft.

Oh and I used to use this, long ago, for a mid-size (500 to 1000 systems) domain to give me an overview:

http://blogs.msmvps.com/kwsupport/2005/02/24/lazy-mans-way-to-track-user-logonlogoff/

It has some limitations, it doesn't trigger when a user is connected via a VPN client for example. A lot depends on the size and nature of your domain.

Thanks for the comment Chris. We are talking about +/- 200 systems. What is am looking for is a program or script who tells me who is logged on at this right moment. We already have auditing which tells me when someone logged in or logged of. i need something like

query user /server:$SERVER

Select allOpen in new window

but for all domain members at once without me having to give up the names of the domain members

200... it won't be amazingly fast, this makes the request of 50 computers at once. Once they've all finished you'll get a list (from the Receive-Job line).

The list of computers is pulled from Active Directory. It'll include servers at the moment, you might want a better filter.

$threadLimit = 50

Get-ADComputer -Filter { Enabled -eq $true } | ForEach-Object {
    while ((Get-Job -State Running | Measure-Object).Count -ge $threadLimit) {
        Start-Sleep -Seconds 5
    }
    $null = Start-Job -ArgumentList $_.Name -ScriptBlock {
        Get-CimInstance Win32_ComputerSystem -ComputerName $args[0] -Property Name, UserName
    }
}

Get-Job | Wait-Job | Receive-Job | Select-Object Name, UserName
# Tidy up
Get-Job | Remove-Job

Select allOpen in new window

Powershell script to see currently logged in users (domain and machine) + status (active, idle, away):
http://stackoverflow.com/questions/23219718/powershell-script-to-see-currently-logged-in-users-domain-and-machine-status

How to track user logon sessions using event log:
https://community.spiceworks.com/how_to/130398-how-to-track-user-logon-sessions-using-event-log

Track users logon events across the company domain:
https://community.spiceworks.com/how_to/2809-track-users-logon-events-across-the-company-domain

Hope this helps!

Hi Kevin, Thank you for your post. I already looked at this one. The function sounds promising but when i run it i get no output at all.

@crhis: Thanks for the Script. It seems to work :-). The output is a bit cloudy though. Is it possieble to save the output to a txt file so i can search it and maybe to not show the errors?

WinRM cannot process the request. The following error occurred while using Kerberos authentication: Cannot find the computer <COMPUTERNAME>. Verify that the computer exists on the network and that the name provided is spelled correct
ly.

Upgraded the error handling. It should tell you if something isn't around now. Added two output options (gridview and file).

$threadLimit = 50

Get-ADComputer -Filter { Enabled -eq $true } | ForEach-Object {
    while ((Get-Job -State Running | Measure-Object).Count -ge $threadLimit) {
        Start-Sleep -Seconds 5
    }
    $null = Start-Job -ArgumentList $_.Name -ScriptBlock {
        try {
            Get-CimInstance Win32_ComputerSystem -ComputerName $args[0] -Property Name, UserName -ErrorAction Stop |
                Add-Member State 'OK' -PassThru
        } catch {
            [PSCustomObject]@{
                Name     = $_.Name
                UserName = ''
                State    = 'Failed ({0})' -f $_.Exception.Message.Trim()
            }
        }
    }
}

# Variable assignment to show different output options
$report = Get-Job | Wait-Job | Receive-Job | Select-Object Name, UserName
# Tidy up
Get-Job | Remove-Job

# GridView
$report | Out-GridView
# File
$report | Export-Csv ComputersAndUsers.csv -NoTypeInformation

Select allOpen in new window

Powershell on my server seems to crash when i up the limit to 250.

The thread limit? I'm not surprised, I put it at 50 for a reason :) That's just the number of concurrent requests, it's not the number of machines it'll query in total. It's quite easy to ruin a system by running too many things at once.

I imagine it'll recover, even if it's running 250 simultaneous threads, no fun until it does though.

Ah, that explains a lot :-). Now for the last question. This script seems to only display the username who has executed it. how can i let it search for either all users that are logged in or just a specific one?

The should show the name of the user logged into the PC using the interactive session. If you want users across all sessions things become a little more complex (that's when you need what quser is doing). Is that what you're looking for?

I need to see all users accross the complete domain that are currently logged on. also when the session is disconnected

Okay, no problem. One sec.

Yes! This works beautiful! It gives me a complete list of users logged in anywhere in the domain! Thank you!

This Script does exactly what i ask. it shows me every user that is logged in somwhere within the domain