Re: Determine When a User Logged In

---

• From: "Jim Carlock" <anonymous@localhost>
• Date: Sat, 26 Jul 2008 13:54:17 -0400

---

"expvb" wrote...

The Run entries in HKLM are executed for every user that logs in,
including terminal services and fast user switching.

"MikeD" replied...
: You sure about that? I'd think you want to use HKCU. Don't the Run
: entries in HKLM only run when Windows starts?

Then there's also when the screen saver activates where a login is
required. What's going to occur in that instances? As far as I know
it just provides a secure way to turn to the screen saver on/off to
allow the enduser some reasonable security. The system needs some
special configurations in place maybe to get this working, but does
it actually log one back in or does it just restore the screen. And
then one needs to check for those Hibernation situations as well.

And finally things like the system audits logging in. It does appear
as a user login (possibly)...

<snip type="Security Event" application="eventvwr.exe">

Event Type: Success Audit
Event Source: Security
Event Category: Privilege Use
Event ID: 576
Date: 7/26/2008
Time: 1:38:42 PM
User: KNOWWHAT\WhoYouAre
Computer: KNOWWHAT
Description:
Special privileges assigned to new logon:
User Name:
Domain:
Logon ID: (0x0,0x0101A93)
Privileges: SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeChangeNotifyPrivilege

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

</snip>

--
JC
Happy Sabbath
Natural Cure For Pink-Eye (Conjunctivitis)
http://www.associatedcontent.com/article/381336/saliva_a_natural_cure_for_conjunctivitis.html



.

---

• References:
  • Indicator to Run One Time
    • From: Rick Raisley
  • Determine When a User Logged In
    • From: Rick Raisley
  • Re: Determine When a User Logged In
    • From: expvb
  • Re: Determine When a User Logged In
    • From: MikeD

• Prev by Date: Re: Application error when using VB6 Intrinsic Controls
• Next by Date: Re: Determine When a User Logged In
• Previous by thread: Re: Determine When a User Logged In
• Next by thread: Re: Determine When a User Logged In
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Determine When a User Logged In ... The Run entries in HKLM are executed for every user that logs in, ... including terminal services and fast user switching. ... the Run entries in HKLM only run after a user logs in. ... (microsoft.public.vb.general.discussion) Re: Odd semi-crash or hang ... More details after reboot. ... Cannot find anything specific in logs, ... are some odd entries earlier this morning, ... Trying to reach it through remote desktop, ... (microsoft.public.windows.server.sbs) Re: Help with a shell script ... > I have about a years worth of text logs that have the following format: ... > I need to change the entries in the file to be semicolon separated. ... So your sed command file will look something like this, ... (comp.unix.shell) Re: my log files-is there any problem ... >I am little concerned with these 2 means are these the normal entries ... >root 313 times isn't it too much. ... For the sendmail logs, nothing much to worry as a relaying attempt was ... (Fedora) Re: slow slow windows start up ... No errorshould exist in either System or the Application logs. ... There will always be Informational type entries, ... It has the same layout as Windows ... >> time Left Click System Then look in the Right Pane ... (microsoft.public.windowsxp.general)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > VB  > microsoft.public.vb.general.discussion  > 2008-07