Re: User Login Logging

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Vera Noest [MVP] (vera.noest_at_remove-this.hem.utfors.se)
Date: 04/09/04 

Date: Fri, 09 Apr 2004 12:00:48 -0700

You don't need a DC to enable auditing. Use the default security
policy on the TS:
Computer Configuration\Windows Settings\Security Settings\Local
Policies\Auditing

And you *do* run a TS-specific logon script already: usrlogon.cmd.
You can easily define your own TS-specific logon script, as
explained in KB 195461.

 --
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
http://hem.fyristorg.com/vera/IT
 --- please respond in newsgroup, NOT by private email ---

"Sylvan Jonas" <sjonas(rEm0vEtH1S)@brouse.com> wrote in
news:eos7jtiHEHA.3464@TK2MSFTNGP10.phx.gbl:

> First of all, let me thank you for your ideas and prompt
> response.
>
> I don't know where I would enable auditing of security events on
> the TS. It's not a domain controller. And since it's not a
> domain controller, I don't have a TS-specific login script
> either. Do you know of anyway I can use the file-creation
> script in a NetWare login script?
>
> Any other ideas?
>
> Thanks,
> Sylvan
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns94C5CF840558Everanoesthemutforsse@207.46.248.16...
>> If you enable auditing of security events, you will see all
>> logon and logoff events in the Security tab of the EventLog on
>> the TS.
>>
>> You can filter and export these events once a month to a tab-
>> delimited textfile for further processing.
>>
>> Or you could make your own, very simple logon report by adding
>> a line to your TS-specific login script:
>>
>> echo %username% %clientname% %date% %time% >> logon.log
>>
>> 195461 - How to Set Up a Logon Script Only for Terminal Server
>> Users
>> http://support.microsoft.com/?kbid=195461
>>
>> --
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> http://hem.fyristorg.com/vera/IT
>> --- please respond in newsgroup, NOT by private email ---
>>
>> "Sylvan Jonas" <sjonas(rEm0vEtH1S)@brouse.com> wrote in
>> news:Os64CJYHEHA.2580@TK2MSFTNGP12.phx.gbl:
>>
>> > We are using a Windows NT environment, but have a Windows
>> > 2000 Server that we use for Terminal Services. We are also
>> > using NetWare 5.x as our primary login authentication. Is
>> > there a way that we can track who has connected through
>> > terminal services? Is there some type of logging feature?
>> >
>> > Thanks,
>> > Sylvan Jonas

Relevant Pages

  • Re: User Login Logging
    ... I don't know where I would enable auditing of security events on the TS. ... use the file-creation script in a NetWare login script? ... >> Server that we use for Terminal Services. ...
    (microsoft.public.windows.terminal_services)
  • Re: Authentication Auditing
    ... You have to enable auditing of "logon events" for the domain computers which ... could be done in Domain Security Policy. ... The reason "audit logon events" does not ... work for domain computers is because the account logon event is only ...
    (microsoft.public.win2000.security)
  • Re: Remove Everyone denies access
    ... You should enable auditing on the computer and then enable at least failed ... file access on all the files on your web server [auditing is edited in more ... good idea both for security as well as troubleshooting purposes. ... If the folder containing the files is set to "high" or ...
    (microsoft.public.inetserver.iis.security)
  • Re: Audit folder access
    ... First you need to enable auditing on the machine. ... Local Security Policy or Group Policy. ... Policy - expand Local Policies, click on Audit Policy, and in the right pane ...
    (microsoft.public.windows.server.general)
  • Login Scripts
    ... I am use to setting up login scripts and security using ... editor to set the reg based security policy for users. ... login script to set permissions but the login script run ... Basically how do i set permissions for users in the ...
    (microsoft.public.windowsxp.security_admin)