• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 41
  • Last Modified:

sharing accounts AD evidence

would there be any way technically to determine if 2 devices are using the same AD account to access network resources? And if so how could it be done? we have an added complication in that half the users don't have desktops/laptops and use thin client WYSE devices to access a citrix environment, so unsure if this adds to how realistic this may be to prove or not.
0
pma111
Asked:
pma111
2 Solutions
 
Shaun VermaakTechnical Specialist/DeveloperCommented:
You need to enable audit similar to this process then monitor successful login events
https://www.experts-exchange.com/articles/29305/Active-Directory-Locked-Account-Investigation-Process.html
0
 
McKnifeCommented:
Please specify what you do with your Citrix env. - Do you let people logon to their own virtual desktop installation on a citrix terminal server?
Because if anyone uses his own virtual installation, of course we see different machine names in the logs of the domain controllers and could easily find out if one and the same user name is used on different machines.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell┬« is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now