find on which computer is connected a user

[Guest NT]

hello

 

if i only have the login_name, which tools or request (included in windows

server 2003 or 2000) can give me on which computer my user is logon and the

reverse question, same if he is not yet connected

 

 

 

thanks

[Guest Kev]

RE: find on which computer is connected a user

 

Copy this script into notepad. Save as a "filename.vbs". This will give you

the computer name of the user logged in.

 

strComputer = "ComputerName"

Set objWMIService = GetObject("winmgmts:" _

& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

Set colComputer = objWMIService.ExecQuery _

("Select * from Win32_ComputerSystem")

For Each objComputer in colComputer

Wscript.Echo objComputer.UserName

Next

 

"NT" wrote:

> hello

>

> if i only have the login_name, which tools or request (included in windows

> server 2003 or 2000) can give me on which computer my user is logon and the

> reverse question, same if he is not yet connected

>

>

>

> thanks

>

>

[Guest David Shen [MSFT]]

RE: find on which computer is connected a user

 

Dear Customer,

 

Thank you for posting in newsgroup. And thanks to Kev for the contribution.

 

According to the description, you want to know on which computer the domain

user logons, and on which user logon the computer. If I have any

misunderstanding, please feel free to let me know.

 

Based on the experience, here is some information which will be helpful for

you.

 

Analysis and Suggestion:

=======================

 

Option 1.

 

You may try to enable the policy "Audit Logon Events" and then audit the

user logon/logoff events in the security log.

 

To enable the policy "Audit logon events", please perform the following

steps:

 

1. Logon Domain Controller using domain administrator.

 

2. Open default domain controller policy or create a new GPO at domain

level.

 

3. Click Local Computer Policy, click Computer Configuration, and then

click Windows Settings -> Security Settings -> Local Policies -> Audit

Policy -> Double click Audit logon events and Audit Account Logon Events ->

Select Success and Failure.

 

4. Click OK.

 

You may find the following information from the Windows Server 2003

Security Guide:

 

Audit Account Logon Events

 

Determines whether to audit each instance of a user logging on to or

logging off from another computer in which this computer is used to

validate the account. If you define this policy setting, you can specify

whether to audit successes, audit failures, or not audit the event type at

all. Success audits generate an audit entry when an account logon attempt

succeeds. Failure audits generate an audit entry when an account logon

attempt fails.

 

If success auditing for account logon events is enabled on a domain

controller, an entry is logged for each user who is validated against that

domain controller, even though the user is actually logging on to a

workstation that is joined to the domain.

 

Option 2.

 

CConnect (Con-Current Connection Limiter) is a Windows 2000 Resource Kit

tool which was designed for tracking connections of users and monitoring

which computer user logged on to a network.

 

The CConnect.exe tool, in conjunction with an .adm file supplied by the

tool, can perform the following functions:

 

- Limit concurrent connections per user.

- Log off remote computers when concurrent connections are reached.

- List all computers that a user is logged on to.

- List logon servers for each user.

- Show how many users are logged on to a domain controller (DC).

- Force a logoff when concurrent connections are reached.

- Enable debugging of the CConnect tool.

- Write events to the event log of a specified server concerning the status

of the CConnect tool.

- Save all lists to a file for further examination.

- Track the last user of the computer and only limit that user from logging

on to the computer if the computer was shut down improperly.

 

For more information, please refer to:

 

Limiting a user's concurrent connections in Windows Server 2003, Windows

2000, and Windows NT 4.0

http://support.microsoft.com/kb/237282

 

Option 3.

 

You may also add some lines to the logon and log off script to write

something to the server share log file.

 

@echo off

echo [%date% %time%] >>\\server\share\logon.log

echo %username% log on %computername% to damain: %userdomain%

>>\\server\share\logon.log

 

Please note: you may need to give write permission to everyone to get the

log accessed by all users.

 

For more information about logon script, please refer to:

 

How to assign scripts in Windows 2000

http://support.microsoft.com/kb/322241

(This should be also applied to Windows Server 2003)

 

Option 4.

 

You can use a new tool called LimitLogin.

 

LimitLogin v1.0 is an application that adds the ability to limit concurrent

interactive user logons in an Active Directory domain. It can also keep

track of all logins information in Active Directory domains (without

necessarily enforcing logons quotas).

 

LimitLogin capabilities include:

 

1. Limiting the number of logins per user from any machine in the domain,

including Terminal Server sessions.

 

2. Displaying the logins information of any user in the domain according to

a specific criterion (e.g. all the logged-on sessions to a specific client

machine or Domain Controller, or all the machines a certain user is

currently logged on to).

 

3. Easy management and configuration by integrating to the Active Directory

MMC snap-ins.

 

4. Ability to delete and log off user session remotely straight from the

Active Directory Users and Computers MMC snap-in.

 

5. Generating Login information reports in CSV (Excel) and XML formats.

 

Please keep in mind that this tool is Not Supported (similar to a resource

kit tools).

 

The public download location is:

 

http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359c

c0842/limitlogin.exe

 

Hope all the information will be helpful.

 

Thanks for your time.

 

David Shen

Microsoft Online Partner Support

[Guest nicolas29]

RE: find on which computer is connected a user

 

hello

if i don't make a mistake my demand is a bit different

 

so sometimes i need to found informations about user/computer, like who was

connected on a computer whith the ip adress XXX

 

so i arrive to found the computername, but not the user who was log on, and

for the most of the time the user is yet not connected, he is outside my

company

 

at the final, i want to use a script who give me all the informations that i

need

 

i dones'nt want if possible to enable Audit Logon Events

 

 

thanks

thansk

 

 

--

nt

 

 

"David Shen [MSFT]" wrote:

> Dear Customer,

>

> Thank you for posting in newsgroup. And thanks to Kev for the contribution.

>

> According to the description, you want to know on which computer the domain

> user logons, and on which user logon the computer. If I have any

> misunderstanding, please feel free to let me know.

>

> Based on the experience, here is some information which will be helpful for

> you.

>

> Analysis and Suggestion:

> =======================

>

> Option 1.

>

> You may try to enable the policy "Audit Logon Events" and then audit the

> user logon/logoff events in the security log.

>

> To enable the policy "Audit logon events", please perform the following

> steps:

>

> 1. Logon Domain Controller using domain administrator.

>

> 2. Open default domain controller policy or create a new GPO at domain

> level.

>

> 3. Click Local Computer Policy, click Computer Configuration, and then

> click Windows Settings -> Security Settings -> Local Policies -> Audit

> Policy -> Double click Audit logon events and Audit Account Logon Events ->

> Select Success and Failure.

>

> 4. Click OK.

>

> You may find the following information from the Windows Server 2003

> Security Guide:

>

> Audit Account Logon Events

>

> Determines whether to audit each instance of a user logging on to or

> logging off from another computer in which this computer is used to

> validate the account. If you define this policy setting, you can specify

> whether to audit successes, audit failures, or not audit the event type at

> all. Success audits generate an audit entry when an account logon attempt

> succeeds. Failure audits generate an audit entry when an account logon

> attempt fails.

>

> If success auditing for account logon events is enabled on a domain

> controller, an entry is logged for each user who is validated against that

> domain controller, even though the user is actually logging on to a

> workstation that is joined to the domain.

>

> Option 2.

>

> CConnect (Con-Current Connection Limiter) is a Windows 2000 Resource Kit

> tool which was designed for tracking connections of users and monitoring

> which computer user logged on to a network.

>

> The CConnect.exe tool, in conjunction with an .adm file supplied by the

> tool, can perform the following functions:

>

> - Limit concurrent connections per user.

> - Log off remote computers when concurrent connections are reached.

> - List all computers that a user is logged on to.

> - List logon servers for each user.

> - Show how many users are logged on to a domain controller (DC).

> - Force a logoff when concurrent connections are reached.

> - Enable debugging of the CConnect tool.

> - Write events to the event log of a specified server concerning the status

> of the CConnect tool.

> - Save all lists to a file for further examination.

> - Track the last user of the computer and only limit that user from logging

> on to the computer if the computer was shut down improperly.

>

> For more information, please refer to:

>

> Limiting a user's concurrent connections in Windows Server 2003, Windows

> 2000, and Windows NT 4.0

> http://support.microsoft.com/kb/237282

>

> Option 3.

>

> You may also add some lines to the logon and log off script to write

> something to the server share log file.

>

> @echo off

> echo [%date% %time%] >>\\server\share\logon.log

> echo %username% log on %computername% to damain: %userdomain%

> >>\\server\share\logon.log

>

> Please note: you may need to give write permission to everyone to get the

> log accessed by all users.

>

> For more information about logon script, please refer to:

>

> How to assign scripts in Windows 2000

> http://support.microsoft.com/kb/322241

> (This should be also applied to Windows Server 2003)

>

> Option 4.

>

> You can use a new tool called LimitLogin.

>

> LimitLogin v1.0 is an application that adds the ability to limit concurrent

> interactive user logons in an Active Directory domain. It can also keep

> track of all logins information in Active Directory domains (without

> necessarily enforcing logons quotas).

>

> LimitLogin capabilities include:

>

> 1. Limiting the number of logins per user from any machine in the domain,

> including Terminal Server sessions.

>

> 2. Displaying the logins information of any user in the domain according to

> a specific criterion (e.g. all the logged-on sessions to a specific client

> machine or Domain Controller, or all the machines a certain user is

> currently logged on to).

>

> 3. Easy management and configuration by integrating to the Active Directory

> MMC snap-ins.

>

> 4. Ability to delete and log off user session remotely straight from the

> Active Directory Users and Computers MMC snap-in.

>

> 5. Generating Login information reports in CSV (Excel) and XML formats.

>

> Please keep in mind that this tool is Not Supported (similar to a resource

> kit tools).

>

> The public download location is:

>

> http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359c

> c0842/limitlogin.exe

>

> Hope all the information will be helpful.

>

> Thanks for your time.

>

> David Shen

> Microsoft Online Partner Support

>

>

[Guest nicolas29]

RE: find on which computer is connected a user

 

thanks kev for your script but i think he doesn't work if the user is yet not

connected, who is my more regular case

 

have you a other for that?

 

--

nt

 

 

"Kev" wrote:

> Copy this script into notepad. Save as a "filename.vbs". This will give you

> the computer name of the user logged in.

>

> strComputer = "ComputerName"

> Set objWMIService = GetObject("winmgmts:" _

> & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")

> Set colComputer = objWMIService.ExecQuery _

> ("Select * from Win32_ComputerSystem")

> For Each objComputer in colComputer

> Wscript.Echo objComputer.UserName

> Next

>

> "NT" wrote:

>

> > hello

> >

> > if i only have the login_name, which tools or request (included in windows

> > server 2003 or 2000) can give me on which computer my user is logon and the

> > reverse question, same if he is not yet connected

> >

> >

> >

> > thanks

> >

> >

[Guest David Shen [MSFT]]

RE: find on which computer is connected a user

 

Hello NT,

 

Thanks for the reply.

 

Based on your demand, here is a script which may be helpful for you. You

can assign a logon or logoff script in a GPO to apply to all the domain

computer.

 

logon script

 

@echo off

echo [%date% %time%] >> \\server\share\logon.log

echo %username% log on %computername% to damain: %userdomain% >>

\\server\share\logon.log

 

logoff script

 

@echo off

echo [%date% %time%] >> \\server\share\logoff.log

echo %username% log off %computername% to damain: %userdomain% >>

\\server\share\logoff.log

 

Please note: You may add some lines to the logon and logoff script to write

something to the server share log file. You may need to give write

permission to everyone to get the log accessed by all users.

 

For more information about logon script, please refer to:

 

How to assign scripts in Windows 2000

http://support.microsoft.com/kb/322241

(This should be also applied to Windows Server 2003)

 

Please note: the newsgroup is focus on the Windows server general issues.

For further assistance with this coding/development issue, please consider

our MSDN newsgroup or corresponding scripting newsgroup:

 

1. MSDN newsgroups

http://msdn.microsoft.com/newsgroups/default.asp

 

2. Public newsgroups for peer experiences and recommendations:

 

microsoft.public.windows.server.scripting

http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/defaul

t.mspx?dg=microsoft.public.scripting.vbscript

 

Hope the information will be helpful and the issue will be resolved soon.

 

Thanks for the understanding.

 

David Shen

Microsoft Online Partner Support

[Guest nicolas29]

RE: find on which computer is connected a user

 

thanks, it is simple but it works so it is a good idea, that i will apply

 

thanks david and have a nice day

--

nt

 

 

"David Shen [MSFT]" wrote:

> Hello NT,

>

> Thanks for the reply.

>

> Based on your demand, here is a script which may be helpful for you. You

> can assign a logon or logoff script in a GPO to apply to all the domain

> computer.

>

> logon script

>

> @echo off

> echo [%date% %time%] >> \\server\share\logon.log

> echo %username% log on %computername% to damain: %userdomain% >>

> \\server\share\logon.log

>

> logoff script

>

> @echo off

> echo [%date% %time%] >> \\server\share\logoff.log

> echo %username% log off %computername% to damain: %userdomain% >>

> \\server\share\logoff.log

>

> Please note: You may add some lines to the logon and logoff script to write

> something to the server share log file. You may need to give write

> permission to everyone to get the log accessed by all users.

>

> For more information about logon script, please refer to:

>

> How to assign scripts in Windows 2000

> http://support.microsoft.com/kb/322241

> (This should be also applied to Windows Server 2003)

>

> Please note: the newsgroup is focus on the Windows server general issues.

> For further assistance with this coding/development issue, please consider

> our MSDN newsgroup or corresponding scripting newsgroup:

>

> 1. MSDN newsgroups

> http://msdn.microsoft.com/newsgroups/default.asp

>

> 2. Public newsgroups for peer experiences and recommendations:

>

> microsoft.public.windows.server.scripting

> http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/defaul

> t.mspx?dg=microsoft.public.scripting.vbscript

>

> Hope the information will be helpful and the issue will be resolved soon.

>

> Thanks for the understanding.

>

> David Shen

> Microsoft Online Partner Support

>

>

[Guest David Shen [MSFT]]

RE: find on which computer is connected a user

 

Hello NT,

 

I am glad that the information will be helpful. If you have any question,

welcome to our newsgroup again.

 

David Shen

Microsoft Online Partner Support

[Guest Pierre Lemperiere]

And querying an AD

 

And querying an AD

 

Hi,

 

This is an interesting way to retrieve on which computer a user is connected.

 

I try to find a way of doing it through visual basic to query the Active Directory.

 

But i can not succeed, in the documentation of the namespace System.Directoryservices , i can not find how a cn=user is related to a cn=computer...

 

Could you help me on that ?

 

Thanks in advance.

[Guest Meinolf Weber]

Re: And querying an AD

 

Re: And querying an AD

 

Hello Pierre,

 

You can not find it, because it is not listed/stored in Active directory.

 

Best regards

 

Meinolf Weber

Disclaimer: This posting is provided "AS IS" with no warranties, and confers

no rights.

** Please do NOT email, only reply to Newsgroups

** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm

 

> Hi,

>

> This is an interesting way to retrieve on which computer a user is

> connected.

>

> I try to find a way of doing it through visual basic to query the

> Active Directory.

>

> But i can not succeed, in the documentation of the namespace

> System.Directoryservices , i can not find how a cn=user is related to

> a cn=computer...

>

> Could you help me on that ?

>

> Thanks in advance.

>

[Guest Richard Mueller [MVP]]

Re: And querying an AD

 

Re: And querying an AD

 

 

"Pierre Lemperiere" wrote in message

news:20089252002pierrestephazz@hotmail.fr...

> Hi,

>

> This is an interesting way to retrieve on which computer a user is

> connected.

>

> I try to find a way of doing it through visual basic to query the Active

> Directory.

>

> But i can not succeed, in the documentation of the namespace

> System.Directoryservices , i can not find how a cn=user is related to a

> cn=computer...

>

> Could you help me on that ?

>

> Thanks in advance.

 

AD does not keep track of which computer each user logged onto. One solution

I've used in the past is a logon script that appends a line to a shared log

file with date/time, user name, and computer name. You can also have a

logoff script log when the user logs off. Other than that, I believe there

are third party tools that keep track of which user is using which computer.

 

--

Richard Mueller

MVP Directory Services

Hilltop Lab - http://www.rlmueller.net

--