Re: Ideas for second account and logging the actions? - Interestin
- From: Ziad K. Chafi <ZiadKChafi@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 1 Apr 2008 05:40:01 -0700
Hi David,
Now Active Directory does not provide a way to notify administrators when a
user logs on, it can only write the event in event viewer. Now since you are
monitoring only one user, and the user is not logging on frequently, I
suggest that you do it using scripts, just write a script and apply it to
that user at logon using GPO, this way whenever the user logs on an email
will be send to all recipients. I have prepaired a small script that uses CDO
to send email, just copy the script to a .vbs file, edit it as needed, try
running the script, and then apply it using Group Policy
Set objMessage = CreateObject("CDO.Message")
objMessage.Subject = "User Logon"
objMessage.From = "from@xxxxxxxxxx"
objMessage.To = "to@xxxxxxxxxx"
objMessage.TextBody = "The user logged on"
objMessage.Configuration.Fields.Item
("http://schemas.microsoft.com/cdo/configuration/sendusing";) = 2
objMessage.Configuration.Fields.Item
("http://schemas.microsoft.com/cdo/configuration/smtpserver";) = "192.168.1.1"
objMessage.Configuration.Fields.Item
("http://schemas.microsoft.com/cdo/configuration/smtpserverport";) = 25
objMessage.Configuration.Fields.Update
objMessage.Send
Regards.
--
Ziad K. Chafi
MCT, MCTS, MCDBA, MCSE: S, MCDST
CompTIA A+, CompTIA N+,
"David Naffy" wrote:
Thanks..
So as admins you would accept that a secondary account that is a domain
admin for the boss would be OK?
He does not want to use this account often. However another boss said he
would allow this but ONLY if we knew what he had done and when he used it.
And because it would be inactive most of the time we would need to be
notified when it was used so for example if used and he was away we could
react quickly.
So when used we would need an e-mail. I've no idea if that is possible.
That's one requirement.
Thanks.
"Anthony [MVP]" <anthony@xxxxxxxxxxxx> wrote in message
news:OAwlgj%23kIHA.1164@xxxxxxxxxxxxxxxxxxxxxxx
That's normal.
Set up Auditing in the Group Policy Security Settings to be able to track
events. I'd suggest posting back with more specific questions if Auditing
does not give you what you need
Hope that helps,
Anthony
http://www.airdesk.co.uk
"David Naffy" <David Naffy@xxxxxxxxxx> wrote in message
news:Ooty8C%23kIHA.2276@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
Our company want to set up one account for the boss to have a secondary
account that has access to everything (so a domain admin).
This will no be used day to day.
He wants this because he does. Simple as that.
First of all is this the correct action? Do other people do this?
Second of all there is a request to know the second that it is used - to
be alerted by e-mail or to somehow know the actions that have been taken.
We've got 100s of servers and workstations.
How on earth would this be done?
It's quite an interesting discussion and would like to here your
ideas/suggestions and comments.
Thanks.
- Follow-Ups:
- Re: Ideas for second account and logging the actions? - Interestin
- From: David Naffy
- Re: Ideas for second account and logging the actions? - Interestin
- References:
- Prev by Date: Intersite replication not working
- Next by Date: Re: Intersite replication not working
- Previous by thread: Re: Ideas for second account and logging the actions? - Interesting help please.
- Next by thread: Re: Ideas for second account and logging the actions? - Interestin
- Index(es):
Relevant Pages
|
