Announcement

Collapse
No announcement yet.

Logging users (AD policy)

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Logging users (AD policy)

    I want to log my users when they log on/off there computers. I have it set in AD to log this information via event viewer. THe problem i am having is when a user logs in to his pc i have no less then 100 entries in even viewer on my DC. Needless to say with over 50 users the log is over 30 megs/day and trying to weed through everything is a task.

    Management wants something extremely simple that says Suzy logged in to her computer at 9am and logged out at 5PM. Is this possible via event log? if so what do i need to change AD to accomplish this (and hopefully weed out the unneeded events)? Thanks for the help!

  • #2
    Re: Logging users (AD policy)

    You can filter it in the eventviewer but you also can create a logon/logoff script.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Logging users (AD policy)

      Thanks for the reply. I don't think my auditing is set correctly in AD as I am getting 100+ entries in my log file for each person that logs into the domain. I would like to check against someone elses settings. (maybe this is how its supposed to be but i wouldn't think so)

      I thought about a logging script. That would be easy enough to setup but I would really like to know if AD could do this for me.

      Can anyone provide me with what auditing should be turned on for my DC in my AD DC policy?

      Comment

      Working...
      X