Re: display last login and unsuccessful login attempts

From: "alps" <alpeshic@xxxxxxxxx>
Date: 23 Feb 2007 08:16:09 -0800

On Feb 18, 12:28 pm, "Steven L Umbach" <n...@n0-spam-for-me-
comcast.net> wrote:

That information is kept in the security log once auditing of account logon
and /or logon events is enabled for success and failure in Local Security
Policy as explained in the first link below. There are third party programs
that can help you create reports of the information you want such as GFI
Events Manager.

Steve

http://support.microsoft.com/default.aspx?scid=KB;en-us;q248260 --- for
domain controllers you need to enable auditing in Domain Controller Security
Policy or whatever GPO linked to the domain controller container that you
are using to manage domain controller policy if you have additional GPOs
linked to it.

http://kbase.gfi.com/showarticle.asp?id=KBID002879 --- GFI Events manager

http://www.microsoft.com/technet/security/guidance/auditingandmonitor...
-- The Security Monitoring and Attack Detection Planning Guide

"alps" <alpes...@xxxxxxxxx> wrote in message

news:1171655753.708408.179470@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

I have a requirement. In which after successfullogininto the system
administrator will get the banner which gives LastLoginDate and
Time, Number ofunsuccessfulLoginattemptssince last successful
loginn and Location of worksation of lastlogin.

Thanks,
Alpesh- Hide quoted text -

- Show quoted text -

Thanks Steve for the information.

But, I am not using Active directory in Windows 2000 and when I tried
to use the Attributes BadPwdCount and LoginWorkstation It give me
error that Directory does not have properties in cache.
For the Last Login it shows the Lastlogin Time for the Current
Session.
I am looking for the Last login time of Previous Session.

So, Any more information will be highly appreciated.

Thanks,
Alps

.

Follow-Ups:
- Re: display last login and unsuccessful login attempts
  - From: Roger Abell [MVP]

References:
- display last login and unsuccessful login attempts
  - From: alps
- Re: display last login and unsuccessful login attempts
  - From: Steven L Umbach

Prev by Date: Re: Question for Roger Abell
Next by Date: Re: Where to find all downloadable security patches for W2K+SP4?
Previous by thread: Re: display last login and unsuccessful login attempts
Next by thread: Re: display last login and unsuccessful login attempts
Index(es):
- Date
- Thread

Relevant Pages

Re: Anonymous, Guest login problems!!!
... they happen like 15 during a period of 3-4 minutes, always success ... policy, as set in the local security policy. ... >> deleting the guest account but it's not possible to delete ...
(microsoft.public.windowsxp.security_admin)
Re: Microsoft Security & Configuration Tool (MSCT)
... > install into the server become problem. ... How to undo the security configuration that I had already applied ... basicsv.inf is the Domain Controller Security Policy, ...
(microsoft.public.security)
Re: Group policy - another newbie question
... Domain Controller Security Policy is exactly that. ... > settings you see if you open Active Directory ...
(microsoft.public.win2000.group_policy)
Re: Security - Compromised!
... policy, no auditing/intrusion detection, etc. So I would say top things are ... to have properly configured firewall (test with external security scanner) ... Changes could have been made at domain or domain controller ... clean it would be time to run dcpromo on your new server. ...
(microsoft.public.win2000.security)
Re: Backing out Complex passwords enabled in Domain Group policy.
... > in Domain Controller Security Policy and my experience shows that, ... The only settings that are strictly domain specific are the ... > container then password policy changes will not be implemented. ...
(microsoft.public.win2000.security)