Re: How to find out what computer a user logged in on.
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/21/05
- Next message: atx: "remote downlevel document"
- Previous message: Atlanta Thrashers Fan: "How to find out what computer a user logged in on."
- In reply to: Atlanta Thrashers Fan: "How to find out what computer a user logged in on."
- Next in thread: andy smart: "Re: How to find out what computer a user logged in on."
- Reply: andy smart: "Re: How to find out what computer a user logged in on."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 21 Apr 2005 15:02:25 -0500
For a domain your best bet is to enable auditing of logon events in Domain
Controller Security Policy and for domain computers enable auditing of logon
events in Domain Security Policy. Be sure to increase the size of your
security log quite a bit on your domain controllers to sat at least 10MB.
You would then have to look in the security logs of the domain controllers
to see the user name and account logon events. There would also be a logon
event recorded on the domain computer where they logged on though that would
be more difficult to find though the free tool Event Comb can scan the logs
of multiple computers for specific events or text strings such as a user or
computer name. If you have at least one Windows 2003 domain controller you
can use the new limitlogon RK tool to track user logons. The link below may
help. -- Steve
http://www.microsoft.com/technet/security/prodtech/windows2000/secmod144.mspx
http://www.thincomputing.net/newsitem296.html -- limitlogon info and FAQ
link
<Atlanta Thrashers Fan> wrote in message
news:95vf61hc3cod07uq8hp2s8vk7uigf5m238@4ax.com...
> I need to know how to find out what computer a user logged in on.
> I've looked in the Security Event Log, and I see there's a field for
> it. But, there's no information in that field. It's almost always
> blank.
> Also, how can I find out what computer(s) a user is currently
> logged in on? I have the Windows 2000 Resource Kit, but I haven't
> seen a tool in there that will tell me. Any help you can give is
> greatly appreciated.
- Next message: atx: "remote downlevel document"
- Previous message: Atlanta Thrashers Fan: "How to find out what computer a user logged in on."
- In reply to: Atlanta Thrashers Fan: "How to find out what computer a user logged in on."
- Next in thread: andy smart: "Re: How to find out what computer a user logged in on."
- Reply: andy smart: "Re: How to find out what computer a user logged in on."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
