We help IT Professionals succeed at work.

windows server last access timestamp (RDP)

Last Modified: 2018-10-01
Is there a relatively easy way to determine the last time an officer last logged on (e.g RDP) to a windows server? I need to verify a list of officers with admin access to a server and need some stats on last access to help flag potential inappropriate assignment of admin rights.
Watch Question

Huig GuijtSystem Administrator

You would have to enable auditing of logon events on every RDS Host.

Then monitor our forward your event log for event 528.
Distinguished Expert 2019
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
If you have auditing enabled then you will have events in the event logs and also you can configure an alert, looking for those particular events.

Check if this point you:

How to keep track of privileged user accounts in Active Directory:

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions