find on which computer is connected a user

  • Thread starter Thread starter NT
  • Start date Start date
N

NT

Guest
hello

if i only have the login_name, which tools or request (included in windows
server 2003 or 2000) can give me on which computer my user is logon and the
reverse question, same if he is not yet connected



thanks
 
RE: find on which computer is connected a user

Copy this script into notepad. Save as a "filename.vbs". This will give you
the computer name of the user logged in.

strComputer = "ComputerName"
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colComputer = objWMIService.ExecQuery _
("Select * from Win32_ComputerSystem")
For Each objComputer in colComputer
Wscript.Echo objComputer.UserName
Next

"NT" wrote:

> hello
>
> if i only have the login_name, which tools or request (included in windows
> server 2003 or 2000) can give me on which computer my user is logon and the
> reverse question, same if he is not yet connected
>
>
>
> thanks
>
>
 
RE: find on which computer is connected a user

Dear Customer,

Thank you for posting in newsgroup. And thanks to Kev for the contribution.

According to the description, you want to know on which computer the domain
user logons, and on which user logon the computer. If I have any
misunderstanding, please feel free to let me know.

Based on the experience, here is some information which will be helpful for
you.

Analysis and Suggestion:
=======================

Option 1.

You may try to enable the policy "Audit Logon Events" and then audit the
user logon/logoff events in the security log.

To enable the policy "Audit logon events", please perform the following
steps:

1. Logon Domain Controller using domain administrator.

2. Open default domain controller policy or create a new GPO at domain
level.

3. Click Local Computer Policy, click Computer Configuration, and then
click Windows Settings -> Security Settings -> Local Policies -> Audit
Policy -> Double click Audit logon events and Audit Account Logon Events ->
Select Success and Failure.

4. Click OK.

You may find the following information from the Windows Server 2003
Security Guide:

Audit Account Logon Events

Determines whether to audit each instance of a user logging on to or
logging off from another computer in which this computer is used to
validate the account. If you define this policy setting, you can specify
whether to audit successes, audit failures, or not audit the event type at
all. Success audits generate an audit entry when an account logon attempt
succeeds. Failure audits generate an audit entry when an account logon
attempt fails.

If success auditing for account logon events is enabled on a domain
controller, an entry is logged for each user who is validated against that
domain controller, even though the user is actually logging on to a
workstation that is joined to the domain.

Option 2.

CConnect (Con-Current Connection Limiter) is a Windows 2000 Resource Kit
tool which was designed for tracking connections of users and monitoring
which computer user logged on to a network.

The CConnect.exe tool, in conjunction with an .adm file supplied by the
tool, can perform the following functions:

- Limit concurrent connections per user.
- Log off remote computers when concurrent connections are reached.
- List all computers that a user is logged on to.
- List logon servers for each user.
- Show how many users are logged on to a domain controller (DC).
- Force a logoff when concurrent connections are reached.
- Enable debugging of the CConnect tool.
- Write events to the event log of a specified server concerning the status
of the CConnect tool.
- Save all lists to a file for further examination.
- Track the last user of the computer and only limit that user from logging
on to the computer if the computer was shut down improperly.

For more information, please refer to:

Limiting a user's concurrent connections in Windows Server 2003, Windows
2000, and Windows NT 4.0
http://support.microsoft.com/kb/237282

Option 3.

You may also add some lines to the logon and log off script to write
something to the server share log file.

@echo off
echo [%date% %time%] >>\\server\share\logon.log
echo %username% log on %computername% to damain: %userdomain%
>>\\server\share\logon.log

Please note: you may need to give write permission to everyone to get the
log accessed by all users.

For more information about logon script, please refer to:

How to assign scripts in Windows 2000
http://support.microsoft.com/kb/322241
(This should be also applied to Windows Server 2003)

Option 4.

You can use a new tool called LimitLogin.

LimitLogin v1.0 is an application that adds the ability to limit concurrent
interactive user logons in an Active Directory domain. It can also keep
track of all logins information in Active Directory domains (without
necessarily enforcing logons quotas).

LimitLogin capabilities include:

1. Limiting the number of logins per user from any machine in the domain,
including Terminal Server sessions.

2. Displaying the logins information of any user in the domain according to
a specific criterion (e.g. all the logged-on sessions to a specific client
machine or Domain Controller, or all the machines a certain user is
currently logged on to).

3. Easy management and configuration by integrating to the Active Directory
MMC snap-ins.

4. Ability to delete and log off user session remotely straight from the
Active Directory Users and Computers MMC snap-in.

5. Generating Login information reports in CSV (Excel) and XML formats.

Please keep in mind that this tool is Not Supported (similar to a resource
kit tools).

The public download location is:

http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359c
c0842/limitlogin.exe

Hope all the information will be helpful.

Thanks for your time.

David Shen
Microsoft Online Partner Support
 
RE: find on which computer is connected a user

hello
if i don't make a mistake my demand is a bit different

so sometimes i need to found informations about user/computer, like who was
connected on a computer whith the ip adress XXX

so i arrive to found the computername, but not the user who was log on, and
for the most of the time the user is yet not connected, he is outside my
company

at the final, i want to use a script who give me all the informations that i
need

i dones'nt want if possible to enable Audit Logon Events


thanks
thansk


--
nt


"David Shen [MSFT]" wrote:

> Dear Customer,
>
> Thank you for posting in newsgroup. And thanks to Kev for the contribution.
>
> According to the description, you want to know on which computer the domain
> user logons, and on which user logon the computer. If I have any
> misunderstanding, please feel free to let me know.
>
> Based on the experience, here is some information which will be helpful for
> you.
>
> Analysis and Suggestion:
> =======================
>
> Option 1.
>
> You may try to enable the policy "Audit Logon Events" and then audit the
> user logon/logoff events in the security log.
>
> To enable the policy "Audit logon events", please perform the following
> steps:
>
> 1. Logon Domain Controller using domain administrator.
>
> 2. Open default domain controller policy or create a new GPO at domain
> level.
>
> 3. Click Local Computer Policy, click Computer Configuration, and then
> click Windows Settings -> Security Settings -> Local Policies -> Audit
> Policy -> Double click Audit logon events and Audit Account Logon Events ->
> Select Success and Failure.
>
> 4. Click OK.
>
> You may find the following information from the Windows Server 2003
> Security Guide:
>
> Audit Account Logon Events
>
> Determines whether to audit each instance of a user logging on to or
> logging off from another computer in which this computer is used to
> validate the account. If you define this policy setting, you can specify
> whether to audit successes, audit failures, or not audit the event type at
> all. Success audits generate an audit entry when an account logon attempt
> succeeds. Failure audits generate an audit entry when an account logon
> attempt fails.
>
> If success auditing for account logon events is enabled on a domain
> controller, an entry is logged for each user who is validated against that
> domain controller, even though the user is actually logging on to a
> workstation that is joined to the domain.
>
> Option 2.
>
> CConnect (Con-Current Connection Limiter) is a Windows 2000 Resource Kit
> tool which was designed for tracking connections of users and monitoring
> which computer user logged on to a network.
>
> The CConnect.exe tool, in conjunction with an .adm file supplied by the
> tool, can perform the following functions:
>
> - Limit concurrent connections per user.
> - Log off remote computers when concurrent connections are reached.
> - List all computers that a user is logged on to.
> - List logon servers for each user.
> - Show how many users are logged on to a domain controller (DC).
> - Force a logoff when concurrent connections are reached.
> - Enable debugging of the CConnect tool.
> - Write events to the event log of a specified server concerning the status
> of the CConnect tool.
> - Save all lists to a file for further examination.
> - Track the last user of the computer and only limit that user from logging
> on to the computer if the computer was shut down improperly.
>
> For more information, please refer to:
>
> Limiting a user's concurrent connections in Windows Server 2003, Windows
> 2000, and Windows NT 4.0
> http://support.microsoft.com/kb/237282
>
> Option 3.
>
> You may also add some lines to the logon and log off script to write
> something to the server share log file.
>
> @echo off
> echo [%date% %time%] >>\\server\share\logon.log
> echo %username% log on %computername% to damain: %userdomain%
> >>\\server\share\logon.log
>
> Please note: you may need to give write permission to everyone to get the
> log accessed by all users.
>
> For more information about logon script, please refer to:
>
> How to assign scripts in Windows 2000
> http://support.microsoft.com/kb/322241
> (This should be also applied to Windows Server 2003)
>
> Option 4.
>
> You can use a new tool called LimitLogin.
>
> LimitLogin v1.0 is an application that adds the ability to limit concurrent
> interactive user logons in an Active Directory domain. It can also keep
> track of all logins information in Active Directory domains (without
> necessarily enforcing logons quotas).
>
> LimitLogin capabilities include:
>
> 1. Limiting the number of logins per user from any machine in the domain,
> including Terminal Server sessions.
>
> 2. Displaying the logins information of any user in the domain according to
> a specific criterion (e.g. all the logged-on sessions to a specific client
> machine or Domain Controller, or all the machines a certain user is
> currently logged on to).
>
> 3. Easy management and configuration by integrating to the Active Directory
> MMC snap-ins.
>
> 4. Ability to delete and log off user session remotely straight from the
> Active Directory Users and Computers MMC snap-in.
>
> 5. Generating Login information reports in CSV (Excel) and XML formats.
>
> Please keep in mind that this tool is Not Supported (similar to a resource
> kit tools).
>
> The public download location is:
>
> http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359c
> c0842/limitlogin.exe
>
> Hope all the information will be helpful.
>
> Thanks for your time.
>
> David Shen
> Microsoft Online Partner Support
>
>
 
RE: find on which computer is connected a user

thanks kev for your script but i think he doesn't work if the user is yet not
connected, who is my more regular case

have you a other for that?

--
nt


"Kev" wrote:

> Copy this script into notepad. Save as a "filename.vbs". This will give you
> the computer name of the user logged in.
>
> strComputer = "ComputerName"
> Set objWMIService = GetObject("winmgmts:" _
> & "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
> Set colComputer = objWMIService.ExecQuery _
> ("Select * from Win32_ComputerSystem")
> For Each objComputer in colComputer
> Wscript.Echo objComputer.UserName
> Next
>
> "NT" wrote:
>
> > hello
> >
> > if i only have the login_name, which tools or request (included in windows
> > server 2003 or 2000) can give me on which computer my user is logon and the
> > reverse question, same if he is not yet connected
> >
> >
> >
> > thanks
> >
> >
 
RE: find on which computer is connected a user

Hello NT,

Thanks for the reply.

Based on your demand, here is a script which may be helpful for you. You
can assign a logon or logoff script in a GPO to apply to all the domain
computer.

logon script

@echo off
echo [%date% %time%] >> \\server\share\logon.log
echo %username% log on %computername% to damain: %userdomain% >>
\\server\share\logon.log

logoff script

@echo off
echo [%date% %time%] >> \\server\share\logoff.log
echo %username% log off %computername% to damain: %userdomain% >>
\\server\share\logoff.log

Please note: You may add some lines to the logon and logoff script to write
something to the server share log file. You may need to give write
permission to everyone to get the log accessed by all users.

For more information about logon script, please refer to:

How to assign scripts in Windows 2000
http://support.microsoft.com/kb/322241
(This should be also applied to Windows Server 2003)

Please note: the newsgroup is focus on the Windows server general issues.
For further assistance with this coding/development issue, please consider
our MSDN newsgroup or corresponding scripting newsgroup:

1. MSDN newsgroups
http://msdn.microsoft.com/newsgroups/default.asp

2. Public newsgroups for peer experiences and recommendations:

microsoft.public.windows.server.scripting
http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/defaul
t.mspx?dg=microsoft.public.scripting.vbscript

Hope the information will be helpful and the issue will be resolved soon.

Thanks for the understanding.

David Shen
Microsoft Online Partner Support
 
RE: find on which computer is connected a user

thanks, it is simple but it works so it is a good idea, that i will apply

thanks david and have a nice day
--
nt


"David Shen [MSFT]" wrote:

> Hello NT,
>
> Thanks for the reply.
>
> Based on your demand, here is a script which may be helpful for you. You
> can assign a logon or logoff script in a GPO to apply to all the domain
> computer.
>
> logon script
>
> @echo off
> echo [%date% %time%] >> \\server\share\logon.log
> echo %username% log on %computername% to damain: %userdomain% >>
> \\server\share\logon.log
>
> logoff script
>
> @echo off
> echo [%date% %time%] >> \\server\share\logoff.log
> echo %username% log off %computername% to damain: %userdomain% >>
> \\server\share\logoff.log
>
> Please note: You may add some lines to the logon and logoff script to write
> something to the server share log file. You may need to give write
> permission to everyone to get the log accessed by all users.
>
> For more information about logon script, please refer to:
>
> How to assign scripts in Windows 2000
> http://support.microsoft.com/kb/322241
> (This should be also applied to Windows Server 2003)
>
> Please note: the newsgroup is focus on the Windows server general issues.
> For further assistance with this coding/development issue, please consider
> our MSDN newsgroup or corresponding scripting newsgroup:
>
> 1. MSDN newsgroups
> http://msdn.microsoft.com/newsgroups/default.asp
>
> 2. Public newsgroups for peer experiences and recommendations:
>
> microsoft.public.windows.server.scripting
> http://www.microsoft.com/technet/community/newsgroups/dgbrowser/en-us/defaul
> t.mspx?dg=microsoft.public.scripting.vbscript
>
> Hope the information will be helpful and the issue will be resolved soon.
>
> Thanks for the understanding.
>
> David Shen
> Microsoft Online Partner Support
>
>
 
RE: find on which computer is connected a user

Hello NT,

I am glad that the information will be helpful. If you have any question,
welcome to our newsgroup again.

David Shen
Microsoft Online Partner Support
 
And querying an AD

And querying an AD

Hi,

This is an interesting way to retrieve on which computer a user is connected.

I try to find a way of doing it through visual basic to query the Active Directory.

But i can not succeed, in the documentation of the namespace System.Directoryservices , i can not find how a cn=user is related to a cn=computer...

Could you help me on that ?

Thanks in advance.
 
Re: And querying an AD

Re: And querying an AD

Hello Pierre,

You can not find it, because it is not listed/stored in Active directory.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hi,
>
> This is an interesting way to retrieve on which computer a user is
> connected.
>
> I try to find a way of doing it through visual basic to query the
> Active Directory.
>
> But i can not succeed, in the documentation of the namespace
> System.Directoryservices , i can not find how a cn=user is related to
> a cn=computer...
>
> Could you help me on that ?
>
> Thanks in advance.
>
 
Re: And querying an AD

Re: And querying an AD


"Pierre Lemperiere" wrote in message
news:20089252002pierrestephazz@hotmail.fr...
> Hi,
>
> This is an interesting way to retrieve on which computer a user is
> connected.
>
> I try to find a way of doing it through visual basic to query the Active
> Directory.
>
> But i can not succeed, in the documentation of the namespace
> System.Directoryservices , i can not find how a cn=user is related to a
> cn=computer...
>
> Could you help me on that ?
>
> Thanks in advance.

AD does not keep track of which computer each user logged onto. One solution
I've used in the past is a logon script that appends a line to a shared log
file with date/time, user name, and computer name. You can also have a
logoff script log when the user logs off. Other than that, I believe there
are third party tools that keep track of which user is using which computer.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
 
Back
Top