Re: Recording LogonLogoff




we're agreeing to disagree :-) not unusual for us.

How you implement such a thing is one of those 'choice' things:
You can enable logon/logoff auditing and use the Event Logs or you can
implement the scripts and have a simple text file (which BTW very easily
imports into Excel).

I know which I prefer, umm, Kev's method (BWAHAHHAAHAHAHA).

"jimtotem" <jimtotem@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:032F32DD-75F3-47C2-AA9D-CAD7D604F960@xxxxxxxxxxxxxxxx
> Hi everyone,
>
> What are we agreeing to?
>
> I am running on a single domain controller (DC) and want to (for HIPAA
> security purposes) record (in a log of some sort) users logging on, from
> about 15 workstations, to the server which has "electronic patient health
> information" (ePHI).
>
> It would be great if I could view it via the Event Viewer, but not
> necessarily.
>
> Please straighten me out!
>
> Jim
>
> "SuperGumby [SBS MVP]" wrote:
>
>> no, you use the netlogon share in conjunction with the GPO.
>>
>> Items in netlogon do not get automatically started.
>>
>> "Javier Gomez [SBS MVP]" <javier_gomez@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> message news:ugNldW4RFHA.4068@xxxxxxxxxxxxxxxxxxxxxxx
>> > One important point is that you should use the Netlogon share *or*
>> > GPOs.
>> > If you use both... then you will get the same script running 2 times.
>> >
>> > --
>> > Javier [SBS MVP]
>> > www.msmvps.com/javier
>> > << SBS ROCKS!!! >>
>> >
>> > "SuperGumby [SBS MVP]" <not@xxxxxxxxxxx> wrote in message
>> > news:OgzRbB4RFHA.1476@xxxxxxxxxxxxxxxxxxxxxxx
>> >> the logon.cmd and logoff.cmd are best stored on the SBS in
>> >> C:\WINDOWS\SYSVOL\sysvol\lc.lan\scripts (replace lc.lan with your local
>> >> domain), the netlogon folder.
>> >>
>> >> In a single DC environment you can then set the policy to an absolute UNC of
>> >> \\sbs\netlogon\logon.cmd or \\sbs\netlogon\logoff.cmd.
>> >> In a multiple DC AD you might want to use a variable in the specification
>> >> %LOGONSERVER%\netlogon\logon.cmd and %LOGONSERVER%\netlogon\logon.cmd as the
>> >> netlogon will be replicated between peer DCs.
>> >>
>> >> With you putting the file in c:\logon.cmd and c:\logoff.cmd you would need to
>> >> a) copy the files to the same location on every workstation
>> >> b) specify the files as c:\logon.cmd and c:\logoff.cmd in the group policy
>> >> c) manually update all copies if you wanted to implement change
>> >>
>> >>
>> >> "jimtotem" <jimtotem@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> >> news:3C6BA91C-4163-421E-A3A4-00746DF16417@xxxxxxxxxxxxxxxx
>> >>> I am embarrassed to admit it, but I still can't make it work.
>> >>> I created the two "logon.cmd" and "Logoff.cmd" files and located them on my
>> >>> root C: drive.
>> >>> I then set the Group Policy (Scripts (Logon)) to "logon.cmd"
>> >>> I guess I don't know which log file to check? I do not see it in my "Event
>> >>> Viewer."
>> >>>
>> >>> "Frustrated" Jim
>> >>>
>> >>>
>> >>> "Kevin Weilbacher [SBS-MVP]" wrote:
>> >>>
>> >>>> I've updated my blog to reflect Javier's input. Thanks!
>> >>>> http://msmvps.com/kwsupport/archive/2005/02/24/36942.aspx
>> >>>>
>> >>>> --
>> >>>> Kevin Weilbacher [SBS-MVP]
>> >>>> "The days pass by so quickly now, the nights are seldom long"
>> >>>>
>> >>>>
>> >>>> "Rick Dilley" <rdilley@xxxxxxxxxxxxxxxx> wrote in message
>> >>>> news:ehlHjjpRFHA.3560@xxxxxxxxxxxxxxxxxxxxxxx
>> >>>> > Exactly Which GP has to be changed?
>> >>>> >
>> >>>> > RickD
>> >>>> >
>> >>>> > "Javier Gomez [SBS MVP]" <javier_gomez@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> >>>> > message news:OYaJEL4PFHA.4024@xxxxxxxxxxxxxxxxxxxxxxx
>> >>>> >> GP = Group Policy
>> >>>> >>
>> >>>> >> --
>> >>>> >> Javier [SBS MVP]
>> >>>> >> www.msmvps.com/javier
>> >>>> >> << SBS ROCKS!!! >>
>> >>>> >>
>> >>>> >> "Jim" <totemconsultants@xxxxxxxxxxx> wrote in message
>> >>>> >> news:05fe01c53f7f$f88c06d0$a601280a@xxxxxxxxxx
>> >>>> >> > Please pardon my ignorance, but what is "GP"?
>> >>>> >> > Jim
>> >>>> >> >>-----Original Message-----
>> >>>> >> >>Here's a poor man's way of tracking user logins:
>> >>>> >> >>http://msmvps.com/kwsupport/archive/2005/02/24/36942.aspx
>> >>>> >> >>
>> >>>> >> >>--
>> >>>> >> >>Kevin Weilbacher [SBS-MVP]
>> >>>> >> >>"The days pass by so quickly now, the nights are seldom long"
>> >>>> >> >>
>> >>>> >> >>
>> >>>> >> >>"Jim" <totemconsultants@xxxxxxxxxxx> wrote in message
>> >>>> >> >>news:05cc01c53f7a$33603430$a601280a@xxxxxxxxxx
>> >>>> >> >>>I want to record, in a security log file, the users
>> >>>> >> >>> logging on and off. I tried to setup the Event Viewer
>> >>>> >> >>> Security Log, but do not record anything.
>> >>>> >> >>>
>> >>>> >> >>> I am using Windows 2000 Server.
>> >>>> >> >>>
>> >>>> >> >>> Thank you for your assistance.
>> >>>> >> >>>
>> >>>> >> >>> Jim
>> >>>> >> >>>
>> >>>> >> >>
>> >>>> >> >>
>> >>>> >> >>.
>> >>>> >> >>
>> >>>> >>
>> >>>> >>
>> >>>> >
>> >>>> >
>> >>>>
>> >>>>
>> >>>>
>> >>
>> >>
>> >>
>> >
>> >
>>
>>
>>
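
An added example, not part of the thread or of the linked blog post: one way to review the text file the logon.cmd/logoff.cmd approach produces. It drops the doubled entries that appear when the same script runs twice, pairs each logon with its logoff, and lists logons that never got a logoff line. The line format `timestamp,event,user,workstation`, the 5-second window and all names in the sample are assumptions.

```python
import csv
from datetime import datetime, timedelta
from io import StringIO

# Constructed sample; the line format "timestamp,event,user,workstation"
# is an assumption, not the format used in the thread or the blog post.
SAMPLE_LOG = """\
2005-04-20 08:01:12,LOGON,jsmith,WS01
2005-04-20 08:01:13,LOGON,jsmith,WS01
2005-04-20 08:15:40,LOGON,mjones,WS07
2005-04-20 12:02:05,LOGOFF,jsmith,WS01
2005-04-20 12:02:05,LOGOFF,jsmith,WS01
2005-04-20 13:00:31,LOGON,jsmith,WS03
"""

def parse(text):
    """Return (timestamp, event, user, workstation) tuples, oldest first."""
    rows = []
    for row in csv.reader(StringIO(text)):
        if len(row) != 4:
            continue  # skip blank or truncated lines
        ts = datetime.strptime(row[0].strip(), "%Y-%m-%d %H:%M:%S")
        rows.append((ts, row[1].strip().upper(),
                     row[2].strip().lower(), row[3].strip().upper()))
    return sorted(rows)

def dedupe(records, window=timedelta(seconds=5)):
    """Drop repeats of the same event/user/workstation inside `window`,
    which is what a script that ran twice would write."""
    last_seen, kept = {}, []
    for rec in records:
        key = rec[1:]
        if key in last_seen and rec[0] - last_seen[key] <= window:
            continue
        last_seen[key] = rec[0]
        kept.append(rec)
    return kept

def sessions(records):
    """Pair each LOGON with the next LOGOFF per user and workstation."""
    open_, closed, unmatched = {}, [], []
    for ts, event, user, ws in records:
        key = (user, ws)
        if event == "LOGON":
            if key in open_:  # earlier logon never got a logoff line
                unmatched.append((user, ws, open_[key]))
            open_[key] = ts
        elif event == "LOGOFF" and key in open_:
            closed.append((user, ws, open_.pop(key), ts))
    unmatched += [(u, w, ts) for (u, w), ts in open_.items()]
    return closed, unmatched
```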

