Guest NT Posted April 7, 2008 Posted April 7, 2008 hello if i only have the login_name, which tools or request (included in windows server 2003 or 2000) can give me on which computer my user is logon and the reverse question, same if he is not yet connected thanks
Guest Kev Posted April 7, 2008 Posted April 7, 2008 RE: find on which computer is connected a user Copy this script into notepad. Save as a "filename.vbs". This will give you the computer name of the user logged in. strComputer = "ComputerName" Set objWMIService = GetObject("winmgmts:" _ & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") Set colComputer = objWMIService.ExecQuery _ ("Select * from Win32_ComputerSystem") For Each objComputer in colComputer Wscript.Echo objComputer.UserName Next "NT" wrote: > hello > > if i only have the login_name, which tools or request (included in windows > server 2003 or 2000) can give me on which computer my user is logon and the > reverse question, same if he is not yet connected > > > > thanks > >
Guest David Shen [MSFT] Posted April 8, 2008 Posted April 8, 2008 RE: find on which computer is connected a user Dear Customer, Thank you for posting in newsgroup. And thanks to Kev for the contribution. According to the description, you want to know on which computer the domain user logons, and on which user logon the computer. If I have any misunderstanding, please feel free to let me know. Based on the experience, here is some information which will be helpful for you. Analysis and Suggestion: ======================= Option 1. You may try to enable the policy "Audit Logon Events" and then audit the user logon/logoff events in the security log. To enable the policy "Audit logon events", please perform the following steps: 1. Logon Domain Controller using domain administrator. 2. Open default domain controller policy or create a new GPO at domain level. 3. Click Local Computer Policy, click Computer Configuration, and then click Windows Settings -> Security Settings -> Local Policies -> Audit Policy -> Double click Audit logon events and Audit Account Logon Events -> Select Success and Failure. 4. Click OK. You may find the following information from the Windows Server 2003 Security Guide: Audit Account Logon Events Determines whether to audit each instance of a user logging on to or logging off from another computer in which this computer is used to validate the account. If you define this policy setting, you can specify whether to audit successes, audit failures, or not audit the event type at all. Success audits generate an audit entry when an account logon attempt succeeds. Failure audits generate an audit entry when an account logon attempt fails. If success auditing for account logon events is enabled on a domain controller, an entry is logged for each user who is validated against that domain controller, even though the user is actually logging on to a workstation that is joined to the domain. Option 2. CConnect (Con-Current Connection Limiter) is a Windows 2000 Resource Kit tool which was designed for tracking connections of users and monitoring which computer user logged on to a network. The CConnect.exe tool, in conjunction with an .adm file supplied by the tool, can perform the following functions: - Limit concurrent connections per user. - Log off remote computers when concurrent connections are reached. - List all computers that a user is logged on to. - List logon servers for each user. - Show how many users are logged on to a domain controller (DC). - Force a logoff when concurrent connections are reached. - Enable debugging of the CConnect tool. - Write events to the event log of a specified server concerning the status of the CConnect tool. - Save all lists to a file for further examination. - Track the last user of the computer and only limit that user from logging on to the computer if the computer was shut down improperly. For more information, please refer to: Limiting a user's concurrent connections in Windows Server 2003, Windows 2000, and Windows NT 4.0 http://support.microsoft.com/kb/237282 Option 3. You may also add some lines to the logon and log off script to write something to the server share log file. @echo off echo [%date% %time%] >>\\server\share\logon.log echo %username% log on %computername% to damain: %userdomain% >>\\server\share\logon.log Please note: you may need to give write permission to everyone to get the log accessed by all users. For more information about logon script, please refer to: How to assign scripts in Windows 2000 http://support.microsoft.com/kb/322241 (This should be also applied to Windows Server 2003) Option 4. You can use a new tool called LimitLogin. LimitLogin v1.0 is an application that adds the ability to limit concurrent interactive user logons in an Active Directory domain. It can also keep track of all logins information in Active Directory domains (without necessarily enforcing logons quotas). LimitLogin capabilities include: 1. Limiting the number of logins per user from any machine in the domain, including Terminal Server sessions. 2. Displaying the logins information of any user in the domain according to a specific criterion (e.g. all the logged-on sessions to a specific client machine or Domain Controller, or all the machines a certain user is currently logged on to). 3. Easy management and configuration by integrating to the Active Directory MMC snap-ins. 4. Ability to delete and log off user session remotely straight from the Active Directory Users and Computers MMC snap-in. 5. Generating Login information reports in CSV (Excel) and XML formats. Please keep in mind that this tool is Not Supported (similar to a resource kit tools). The public download location is: http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359c c0842/limitlogin.exe Hope all the information will be helpful. Thanks for your time. David Shen Microsoft Online Partner Support
Guest nicolas29 Posted April 8, 2008 Posted April 8, 2008 RE: find on which computer is connected a user hello if i don't make a mistake my demand is a bit different so sometimes i need to found informations about user/computer, like who was connected on a computer whith the ip adress XXX so i arrive to found the computername, but not the user who was log on, and for the most of the time the user is yet not connected, he is outside my company at the final, i want to use a script who give me all the informations that i need i dones'nt want if possible to enable Audit Logon Events thanks thansk -- nt "David Shen [MSFT]" wrote: > Dear Customer, > > Thank you for posting in newsgroup. And thanks to Kev for the contribution. > > According to the description, you want to know on which computer the domain > user logons, and on which user logon the computer. If I have any > misunderstanding, please feel free to let me know. > > Based on the experience, here is some information which will be helpful for > you. > > Analysis and Suggestion: > ======================= > > Option 1. > > You may try to enable the policy "Audit Logon Events" and then audit the > user logon/logoff events in the security log. > > To enable the policy "Audit logon events", please perform the following > steps: > > 1. Logon Domain Controller using domain administrator. > > 2. Open default domain controller policy or create a new GPO at domain > level. > > 3. Click Local Computer Policy, click Computer Configuration, and then > click Windows Settings -> Security Settings -> Local Policies -> Audit > Policy -> Double click Audit logon events and Audit Account Logon Events -> > Select Success and Failure. > > 4. Click OK. > > You may find the following information from the Windows Server 2003 > Security Guide: > > Audit Account Logon Events > > Determines whether to audit each instance of a user logging on to or > logging off from another computer in which this computer is used to > validate the account. If you define this policy setting, you can specify > whether to audit successes, audit failures, or not audit the event type at > all. Success audits generate an audit entry when an account logon attempt > succeeds. Failure audits generate an audit entry when an account logon > attempt fails. > > If success auditing for account logon events is enabled on a domain > controller, an entry is logged for each user who is validated against that > domain controller, even though the user is actually logging on to a > workstation that is joined to the domain. > > Option 2. > > CConnect (Con-Current Connection Limiter) is a Windows 2000 Resource Kit > tool which was designed for tracking connections of users and monitoring > which computer user logged on to a network. > > The CConnect.exe tool, in conjunction with an .adm file supplied by the > tool, can perform the following functions: > > - Limit concurrent connections per user. > - Log off remote computers when concurrent connections are reached. > - List all computers that a user is logged on to. > - List logon servers for each user. > - Show how many users are logged on to a domain controller (DC). > - Force a logoff when concurrent connections are reached. > - Enable debugging of the CConnect tool. > - Write events to the event log of a specified server concerning the status > of the CConnect tool. > - Save all lists to a file for further examination. > - Track the last user of the computer and only limit that user from logging > on to the computer if the computer was shut down improperly. > > For more information, please refer to: > > Limiting a user's concurrent connections in Windows Server 2003, Windows > 2000, and Windows NT 4.0 > http://support.microsoft.com/kb/237282 > > Option 3. > > You may also add some lines to the logon and log off script to write > something to the server share log file. > > @echo off > echo [%date% %time%] >>\\server\share\logon.log > echo %username% log on %computername% to damain: %userdomain% > >>\\server\share\logon.log > > Please note: you may need to give write permission to everyone to get the > log accessed by all users. > > For more information about logon script, please refer to: > > How to assign scripts in Windows 2000 > http://support.microsoft.com/kb/322241 > (This should be also applied to Windows Server 2003) > > Option 4. > > You can use a new tool called LimitLogin. > > LimitLogin v1.0 is an application that adds the ability to limit concurrent > interactive user logons in an Active Directory domain. It can also keep > track of all logins information in Active Directory domains (without > necessarily enforcing logons quotas). > > LimitLogin capabilities include: > > 1. Limiting the number of logins per user from any machine in the domain, > including Terminal Server sessions. > > 2. Displaying the logins information of any user in the domain according to > a specific criterion (e.g. all the logged-on sessions to a specific client > machine or Domain Controller, or all the machines a certain user is > currently logged on to). > > 3. Easy management and configuration by integrating to the Active Directory > MMC snap-ins. > > 4. Ability to delete and log off user session remotely straight from the > Active Directory Users and Computers MMC snap-in. > > 5. Generating Login information reports in CSV (Excel) and XML formats. > > Please keep in mind that this tool is Not Supported (similar to a resource > kit tools). > > The public download location is: > > http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359c > c0842/limitlogin.exe > > Hope all the information will be helpful. > > Thanks for your time. > > David Shen > Microsoft Online Partner Support > >
Guest nicolas29 Posted April 8, 2008 Posted April 8, 2008 RE: find on which computer is connected a user thanks kev for your script but i think he doesn't work if the user is yet not connected, who is my more regular case have you a other for that? -- nt "Kev" wrote: > Copy this script into notepad. Save as a "filename.vbs". This will give you > the computer name of the user logged in. > > strComputer = "ComputerName" > Set objWMIService = GetObject("winmgmts:" _ > & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2") > Set colComputer = objWMIService.ExecQuery _ > ("Select * from Win32_ComputerSystem") > For Each objComputer in colComputer > Wscript.Echo objComputer.UserName > Next > > "NT" wrote: > > > hello > > > > if i only have the login_name, which tools or request (included in windows > > server 2003 or 2000) can give me on which computer my user is logon and the > > reverse question, same if he is not yet connected > > > > > > > > thanks > > > >
Guest David Shen [MSFT] Posted April 9, 2008 Posted April 9, 2008 RE: find on which computer is connected a user Hello NT, Thanks for the reply. Based on your demand, here is a script which may be helpful for you. You can assign a logon or logoff script in a GPO to apply to all the domain computer. logon script @echo off echo [%date% %time%] >> \\server\share\logon.log echo %username% log on %computername% to damain: %userdomain% >> \\server\share\logon.log logoff script @echo off echo [%date% %time%] >> \\server\share\logoff.log echo %username% log off %computername% to damain: %userdomain% >> \\server\share\logoff.log Please note: You may add some lines to the logon and logoff script to write something to the server share log file. You may need to give write permission to everyone to get the log accessed by all users. For more information about logon script, please refer to: How to assign scripts in Windows 2000 http://support.microsoft.com/kb/322241 (This should be also applied to Windows Server 2003) Please note: the newsgroup is focus on the Windows server general issues. For further assistance with this coding/development issue, please consider our MSDN newsgroup or corresponding scripting newsgroup: 1. MSDN newsgroups http://msdn.microsoft.com/newsgroups/default.asp 2. Public newsgroups for peer experiences and recommendations: microsoft.public.windows.server.scripting http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/defaul t.mspx?dg=microsoft.public.scripting.vbscript Hope the information will be helpful and the issue will be resolved soon. Thanks for the understanding. David Shen Microsoft Online Partner Support
Guest nicolas29 Posted April 9, 2008 Posted April 9, 2008 RE: find on which computer is connected a user thanks, it is simple but it works so it is a good idea, that i will apply thanks david and have a nice day -- nt "David Shen [MSFT]" wrote: > Hello NT, > > Thanks for the reply. > > Based on your demand, here is a script which may be helpful for you. You > can assign a logon or logoff script in a GPO to apply to all the domain > computer. > > logon script > > @echo off > echo [%date% %time%] >> \\server\share\logon.log > echo %username% log on %computername% to damain: %userdomain% >> > \\server\share\logon.log > > logoff script > > @echo off > echo [%date% %time%] >> \\server\share\logoff.log > echo %username% log off %computername% to damain: %userdomain% >> > \\server\share\logoff.log > > Please note: You may add some lines to the logon and logoff script to write > something to the server share log file. You may need to give write > permission to everyone to get the log accessed by all users. > > For more information about logon script, please refer to: > > How to assign scripts in Windows 2000 > http://support.microsoft.com/kb/322241 > (This should be also applied to Windows Server 2003) > > Please note: the newsgroup is focus on the Windows server general issues. > For further assistance with this coding/development issue, please consider > our MSDN newsgroup or corresponding scripting newsgroup: > > 1. MSDN newsgroups > http://msdn.microsoft.com/newsgroups/default.asp > > 2. Public newsgroups for peer experiences and recommendations: > > microsoft.public.windows.server.scripting > http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/defaul > t.mspx?dg=microsoft.public.scripting.vbscript > > Hope the information will be helpful and the issue will be resolved soon. > > Thanks for the understanding. > > David Shen > Microsoft Online Partner Support > >
Guest David Shen [MSFT] Posted April 10, 2008 Posted April 10, 2008 RE: find on which computer is connected a user Hello NT, I am glad that the information will be helpful. If you have any question, welcome to our newsgroup again. David Shen Microsoft Online Partner Support
Guest Pierre Lemperiere Posted September 26, 2008 Posted September 26, 2008 And querying an AD And querying an AD Hi, This is an interesting way to retrieve on which computer a user is connected. I try to find a way of doing it through visual basic to query the Active Directory. But i can not succeed, in the documentation of the namespace System.Directoryservices , i can not find how a cn=user is related to a cn=computer... Could you help me on that ? Thanks in advance.
Guest Meinolf Weber Posted September 26, 2008 Posted September 26, 2008 Re: And querying an AD Re: And querying an AD Hello Pierre, You can not find it, because it is not listed/stored in Active directory. Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights. ** Please do NOT email, only reply to Newsgroups ** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm > Hi, > > This is an interesting way to retrieve on which computer a user is > connected. > > I try to find a way of doing it through visual basic to query the > Active Directory. > > But i can not succeed, in the documentation of the namespace > System.Directoryservices , i can not find how a cn=user is related to > a cn=computer... > > Could you help me on that ? > > Thanks in advance. >
Guest Richard Mueller [MVP] Posted September 26, 2008 Posted September 26, 2008 Re: And querying an AD Re: And querying an AD "Pierre Lemperiere" wrote in message news:20089252002pierrestephazz@hotmail.fr... > Hi, > > This is an interesting way to retrieve on which computer a user is > connected. > > I try to find a way of doing it through visual basic to query the Active > Directory. > > But i can not succeed, in the documentation of the namespace > System.Directoryservices , i can not find how a cn=user is related to a > cn=computer... > > Could you help me on that ? > > Thanks in advance. AD does not keep track of which computer each user logged onto. One solution I've used in the past is a logon script that appends a line to a shared log file with date/time, user name, and computer name. You can also have a logoff script log when the user logs off. Other than that, I believe there are third party tools that keep track of which user is using which computer. -- Richard Mueller MVP Directory Services Hilltop Lab - http://www.rlmueller.net --
Recommended Posts