Re: Track Remote Desktop Connections?

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 03/23/05

• Next message: kenw_at_kmsi.net: "Re: How to get an ACL exception report"
• Previous message: Bob Williamson: "PKI Webcast?"
• In reply to: Joseph Scalise: "Track Remote Desktop Connections?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 22 Mar 2005 18:24:04 -0600

Enable auditing of logon events in the security policy of the computers you
want to find this information on. You can do this in Local Security Policy
or at the domain/OU level. An event will be recorded for each logon attempt.
In Windows 2000 it may look like a console type 2 logon but I believe in
Windows XP Pro/2003 it will show as logon type 10 for RDP logons. --- Steve

http://support.microsoft.com/default.aspx?scid=KB;en-us;q248260 -- example
of how to enable local auditing.

"Joseph Scalise" <jscalise@advantageccs.org> wrote in message
news:OjnQ76xLFHA.2888@TK2MSFTNGP12.phx.gbl...
> We have Windows 2000 servers that can be accessed with proper admin
> password
> through Win XP Remote Desktop Connection on client computers. Only users
> that have the password can log in remotely, however is there anyway to
> track
> or tell if a remote connection is made? Does the server (Windows 2000)
> log
> this type of connection in the Event Viewer anywhere, or anywhere else?
>
> Thanks for your help!
>
> Please excuse the crosspost, originally posted in public.security, located
> this more specific newsgroup aftwards.
>
> -Joe
>

• Next message: kenw_at_kmsi.net: "Re: How to get an ACL exception report"
• Previous message: Bob Williamson: "PKI Webcast?"
• In reply to: Joseph Scalise: "Track Remote Desktop Connections?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Specify a username at Login ... There is not setting for that but you can configure security policy with the ... in administrator account for the domain to logon to those computers. ... > force a specifc username to come up in the username field upon login? ... (microsoft.public.win2000.security) Re: Finding out who was logged in ... If auditing of logon events was enabled in Local Security Policy you could ... check the security logs to see who was logged on and when. ... You could also put the hard drive from the computers into another ... (microsoft.public.win2000.security) Re: Making the case for not installing DCs on remote sites (2xT1 links) ... 25,000 users;-) and I don't know how may servers -4,000 perhaps. ... I think that the logon ... >>>>to logon from branch offices where I have no DC+GC there. ... >>>>offices with more than 60 computers. ... (microsoft.public.win2000.active_directory) Re: IIS FTP Logon ... > I have installed my W2k Server as domain controler with Active> Directory. ... and I found out that I have to add them to Logon> Locally. ... > Administrative Tools> Local Security Policy and i have added the> ftpusers group to logon locally, as user_a, and b are member of that> group. ... (microsoft.public.inetserver.iis.security) Re: User Login ... the user account will be able to logon remotely even though they ... the domain group called Domain Users is a member of the local ... Users group on all computers; this is usually why any domain user can ... put those user accounts into domain group and apply a GPO to the OU ... (microsoft.public.windows.server.active_directory)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint