0

I need a program/tool capable of periodically report the users logged in into the domain controlled by a Windows 2008 AD Server. A solution without periodically checking is also OK, because it's easy to run something scheduled. Also, I would prefer some command line tool, so I can write a script to wrap it's output and send it to another machine.

PS: I am only interested in built-in or free tools.

Thanks a lot.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
Patkos Csaba
  • 205
  • 1
  • 2
  • 8

4 Answers4

1

Active Directory domains don't maintain 'session state', it's just a directory, you won't be able to retrieve a list of logged in users.

You can get the last login date of each user but would require a script to check every domain controller in your domain (script link).

BoyMars
  • 1,012
  • 1
  • 6
  • 15
  • I guess if you wanted to do something fancy with the event logs you can try this: http://serverfault.com/questions/18396/how-to-tell-what-time-a-domain-user-logged-in – BoyMars Nov 11 '10 at 10:08
  • another suggestion enumerates every user logged into every pc, but requires 'psloggedin' from SysInternals to be installed: http://www.windowsitpro.com/article/jsifaq/jsi-tip-8433-another-way-to-determine-who-is-currently-logged-on-to-your-domain-.aspx – BoyMars Nov 11 '10 at 10:31
  • This is an useful answer, and the link from the comment solves my problem, so I accept it. Thank you. – Patkos Csaba Nov 11 '10 at 11:51
  • my idea is to minimize network traffic for this. The purpose of the project is to communicate logged-in users (or login/logout events) to another machine which will take some actions based on the IP's and users logged in. I want to minimize the network traffic and query time, so a little tray application querying the logs on the AD seems to be the best solution, however I take notice of your comment because it may be useful in some situations. Thanks. – Patkos Csaba Nov 11 '10 at 11:55
1

You could, in a logon script, create a line that makes a file?

Something like?

net time >> \server\logonlogs\%username%.txt

Then in a logoff script del %username%.txt

Tubs
  • 1,204
  • 3
  • 12
  • 19
  • 1
    I'm not advocating this method, but if someone decides to try this, remember to do net `time >> \\server\logonlogs\%hostname%-%username%.log` , since it is possible to log in on several computers at the same time. – ptman Nov 16 '10 at 13:50
  • Logon scripts should be added/modified on each client, right? I am interested to find out all the necessary information without intervention on the client machines, sorry if I wasn't clear enough in my question. I am not a Windows expert, so excuse me if my question is stupid. – Patkos Csaba Nov 17 '10 at 20:28
  • I would have thought as a domain, you'd already have a central logon scripts, and it would be adding to that. – Tubs Oct 12 '11 at 12:51
0

I have a logon/logoff script that modifies the description property of the computer object in AD with the username - date/time.

Matt
  • 1,142
  • 1
  • 12
  • 32
0

PowerShell Script

$searcher = New-Object DirectoryServices.DirectorySearcher([adsi]"") 
$searcher.filter = "(objectclass=user)" 
$users = $searcher.findall() 

Foreach($user in $users) 
{ 
 if($user.properties.item("lastLogon") -ne 0) 
  { 
   $a = [datetime]::FromFileTime([int64]::Parse($user.properties.item("lastLogon"))) 
   "$($user.properties.item(`"name`")) $a" 
  } 
}
Muhammad Osama
  • 1