Announcement

Collapse
No announcement yet.

Audit user activity in terminal server session

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Audit user activity in terminal server session

    Hi,

    I am trying to find a way to audit who is logged in to a server, how long they have been logged in for and what the idle time is. We are running a mixture of Server 2003/2008 environments but our remote server is running 2003.

    I'd like to be able to specify dates/times to retrieve this information when needed. The main purpose is to ensure staff who are 'working from home' are actually working and not 'working'. Is there a piece of software, or a setting I can use or turn on to get this kind of info?

    Any other suggestions would be great!

    Thanks.

  • #2
    Re: Audit user activity in terminal server session

    Have a look at http://www.observeit-sys.com/

    We're looking at implementing it in our org to safeguard what happens to servers.

    Comment


    • #3
      Re: Audit user activity in terminal server session

      Moved to TS forum for better response
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Audit user activity in terminal server session

        You can use Quest monitoring tools or

        http://www.lanaudit.net/product/13/t...server+monitor etc.
        Best Regards,

        Yuval Sinay

        LinkedIn: https://www.linkedin.com/in/yuval14, Blog: http://blogs.microsoft.co.il/blogs/yuval14

        Comment


        • #5
          Re: Audit user activity in terminal server session

          Well I work a lot from home, probably more from home then from the office.
          For sure I'm sometimes going to do things like grocery or such, but still I probably work about 50-60h a week. Secondly I never use my VPN to my office, in fact I'm mostly connected to my VPN within the lab environment. Personally I've no use of the business LAN

          I do think it's also a matter of trust from the management towards the employees. Companies who implements flexible working strategy shouldn't manage based on the number of hours, but on performance. That's a different strategy which also my management needed to learn. After all, it's more important the job is done then someone is reading the newspaper on the office.

          Therefore I'm not in favor of using monitoring software as it would make a violation of trust. Simply because I could open Word or whatever and put some weight on my keyboard to fake user input. At least I've user activity which would prevent me from falling into an idle session.

          Recording screens or sessions might violate the privacy from the user by law, depending in which country, and you probably need to tell the users they are videotaped.
          Marcel
          Technical Consultant
          Netherlands
          http://www.phetios.com
          http://blog.nessus.nl

          MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
          "No matter how secure, there is always the human factor."

          "Enjoy life today, tomorrow may never come."
          "If you're going through hell, keep going. ~Winston Churchill"

          Comment


          • #6
            Re: Audit user activity in terminal server session

            I know this is a technical forum, but i agree with Dumber on this.
            Having worked somewhere that used to regularly re-watch staff working (using Spector) it does appear to cause low moral more often than not.
            Some staff are often more concerned about making mistakes and spending too much time researching problems then concentrating on their work freely.
            As pointed out; log on, off and idle times can be adhered to anyway if someone wanted to make out they were working when they weren't.

            Comment


            • #7
              Re: Audit user activity in terminal server session

              While i understand what you guys are saying, and if it were me then i wouldn't do it, its not what the OP wanted.

              For all we know this could already have been hashed out by the management team and HR and this is what they want.

              Comment


              • #8
                Re: Audit user activity in terminal server session

                Originally posted by wullieb1 View Post
                While i understand what you guys are saying, and if it were me then i wouldn't do it, its not what the OP wanted.

                For all we know this could already have been hashed out by the management team and HR and this is what they want.
                Fair point!

                Comment


                • #9
                  Re: Audit user activity in terminal server session

                  there's also Spector360....
                  Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

                  Comment


                  • #10
                    Re: Audit user activity in terminal server session

                    Originally posted by wullieb1 View Post
                    While i understand what you guys are saying, and if it were me then i wouldn't do it, its not what the OP wanted.

                    For all we know this could already have been hashed out by the management team and HR and this is what they want.
                    Although this is a technical forum, I do think you should point them on the other side of the medallion when there is no mention of it. IMHO a lot of system administrators want to see to much although there is no need for it.

                    If it is hashed out, then well there are indeed certain solutions. However implementing a flexible working strategy do require a change of mind from the management as well. Management from my company found it quite hard to adapt it, but they did.
                    Marcel
                    Technical Consultant
                    Netherlands
                    http://www.phetios.com
                    http://blog.nessus.nl

                    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                    "No matter how secure, there is always the human factor."

                    "Enjoy life today, tomorrow may never come."
                    "If you're going through hell, keep going. ~Winston Churchill"

                    Comment

                    Working...
                    X