0

I need to log domain user logins & logouts to an Oracle database. Not all computers have Oracle drivers, but one of the domain controllers does.

So I have created a script which writes the information when a person logs in to a folder on the domain controller with Oracle. I have created a script which looks in the appropriate folder and uses an Oracle utility to read all of the files and insert the data into the DB. I could have a scheduled task wake up periodically and read all the files and insert them into Oracle. But most of the time there would be no files there.

What I would prefer to do is to fire off a scheduled task on the domain controller every time someone finishes logging in or out. Of course this brings up permissions issues, etc.Is there a way to create a scheduled task which would allow any domain user to issue a command that would cause the task to run?

Paul Stearns
  • 151
  • 1
  • 2
  • 8
  • Why go that route? Every time a user authenticates to the Domain an entry is written to the security log on the domain controller with username and connection origin host. If you have multiple domain controllers you probably would want to watch all of them. You probably wouldn't catch everything that way but you would get a lot of them. You would also see service requests but not offline logins to hosts with cached credentials. – Rowan Hawkins Mar 26 '20 at 19:37
  • I haven't even figured out how to read the eventviewer to see actual people logging in let alone how to interpret the eventviewer log file programmatically. As you point out their may also be holes in who I capture. Lastly I am extending my capture to when people lock & unlock sessions, which I can only do from the clients as far as I can tell. – Paul Stearns Mar 27 '20 at 13:52
  • Then I suggest you move the question over to System Admin stack. This is for stack addresses people who are professionals doing this for work and can Search simple stuff themselves. I can't See any value to the lock tracking. What would be your goal? What action strategy are you expecting your violating users to follow? – Rowan Hawkins Mar 27 '20 at 20:15
  • Perhaps I should. Bit condescending assuming I can't do simple searches. One of my myriad of tasks is to do SYS Admin stuff. I have on a number of occasions attempted to search the Security Log in the event viewer to find a specific event which shows just User Logins, and I am unable to find the correct incantation. There are many events with a task category of Logon and Logoff. The goal is simple, users are now working from home. I need to track when they are using their Domain computers via RDP. If they leave them logged in they could off doing no work stuff. – Paul Stearns Mar 27 '20 at 20:29
  • Yes, it may have been, I had the name wrong, its "Super User" however there are many interesting things that prevent Windows computer from locking for idle use, for instance streaming audio. A better way to ensure that your workers are working is based on the output of their work. If stuff is getting done on schedule and your customers are happy then do you really need to care about this level of micro management? – Rowan Hawkins Mar 27 '20 at 20:40
  • The short answer is, yes they feel it is important to track these things. No they cannot stream music or video from their domain computer. However this is all irrelevant, I am looking for a solution to a technical problem. – Paul Stearns Mar 28 '20 at 04:00

0 Answers0