Re: Logging User Login and Logoff
- From: "Yoder" <cyoder@xxxxxxxxx>
- Date: Tue, 4 Apr 2006 17:58:33 -0400
Thanks...sounds like I'll write my own service.
-Chris
"JPolicelli" <JPolicelli@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:F9493934-7304-4FD4-8DA7-2566495CEA00@xxxxxxxxxxxxxxxx
This really depends on the size of your environment and the number of
domain
controllers.
If you have a handful of DCs, then I would simply turn Success and/or
Failure auditing for "Audit account logon events" in the Default Domain
GPO,
which is in the Computer Configuration\Windows Settings\Security
Settings\Local Policies\Audit Policy section of the GPO. You can then
write a
script to query the Security logs of your one or more DCs, or use
eventcombmt.exe from MS resource kit.
If you have a large number of DCs, I would look at using a third-party
product to scrap the Security log on your DCs. Microsoft Operations
Manager
is an example and it does a good job of collecting this information.
"Yoder" wrote:
What is the easiest way to log this activity? I could play a game with
login
scripts to do an ugly work around to know about logins but there must be
some simple tracking I can enable either in active directory isn't there?
.
- References:
- Logging User Login and Logoff
- From: Yoder
- Logging User Login and Logoff
- Prev by Date: Re: Remote Administration
- Next by Date: Re: Winlogon Memory Leak
- Previous by thread: Logging User Login and Logoff
- Next by thread: Joining domain question
- Index(es):
Relevant Pages
|
