Re: How can we know which user has log in the domain?
- From: "Herb Martin" <news@xxxxxxxxxxxxxx>
- Date: Mon, 27 Nov 2006 04:28:02 -0500
"Paul Bergson [MVP-DS]" <pbergson@xxxxxxxxxxxxxxxxx> wrote in message
news:uoqboFaDHHA.4508@xxxxxxxxxxxxxxxxxxxxxxx
You can check the last logon. There are several options available and
have already been written. When you check the last logon it is only for
that dc, so you have to check all dc's to learn the latest logon.
Adding to Paul's message (and mine):
One of the problems here is terminology -- which is
misleading, especially when admins use it incorrectly
which is very common both by those of us who know
the difference (in words) and those who just do not.
Generally, no one (except Admin types) ever "logs into"
a DC, or even to the domain (in some real sense.)
One log into (or logs on at) a COMPUTER, but in most
cases first AUTHENTICATES using a DC and a domain
account.
So to ask about "log in [to] the domain" is a misleading
question itself -- one authenticates with the domain (
literally with A DC of the domain) to login at some
machine or to do many other things.
So a user may be authenticated many times throughout
the course of accessing domain resources, or even the
resources of a different domain than than the one used
to login at a particular machine. (I.E., one can be
logged into a machine in one domain and still authenticate
separate to access resources in another [even untrusted]
domain.)
To summary:
Users authenticate with (or against) a DC and Domain
Account.
Users logon to computers (usually computers that are
in some particular domain) using either local or domain
credentials to authenticate.
Once you get the terminology out of the way it becomes
a lot more obvious why even third party (add-on) tools
have trouble figuring out "if or when a user 'logged onto'
the domain." (Because they really don't do that.)
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
"Paul Bergson [MVP-DS]" <pbergson@xxxxxxxxxxxxxxxxx> wrote in message
news:uoqboFaDHHA.4508@xxxxxxxxxxxxxxxxxxxxxxx
You can check the last logon. There are several options available and
have already been written. When you check the last logon it is only for
that dc, so you have to check all dc's to learn the latest logon.
oldcmp from joeware
or I hava e script at www.pbbergs.com select downloads and download the
Account Attributes script
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"George" <George@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F6AF90B1-EEAC-4D38-A083-4C73772B627A@xxxxxxxxxxxxxxxx
How can I check if a user has ever logged in from the DC side?
"Paul Bergson [MVP-DS]" wrote:
There is a third party freeware utility that could possibly help if you
are
running in a 2003 environment. Limit Logon can track user logons.
Check it
out at:
http://www.microsoft.com/technet/technetmag/issues/2005/05/UtilitySpotlight/default.aspx
--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT
http://www.pbbergs.com
Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no
rights.
"George" <George@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EE41C357-8917-44F7-8F11-C1CE6401C11B@xxxxxxxxxxxxxxxx
I have a DC and I would like to know which user has log into the domain
and
when. Is it possible?
Thanks
.
- References:
- Re: How can we know which user has log in the domain?
- From: Paul Bergson [MVP-DS]
- Re: How can we know which user has log in the domain?
- From: Paul Bergson [MVP-DS]
- Re: How can we know which user has log in the domain?
- Prev by Date: Re: restore active directory from other DC
- Next by Date: Re: SFS / Local / Group policy
- Previous by thread: Re: How can we know which user has log in the domain?
- Next by thread: Detaching part of a forest ?
- Index(es):
Relevant Pages
|
