none
how can i get which PC(server) a domain user last logon from?

답변

  • Hello,

    as already mentioned there is nothing built in to AD. See the script from Richard Mueller:

    http://www.rlmueller.net/Logon5.htm


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    2013년 3월 21일 목요일 오후 12:18
  • Hi,

    Regarding to your request, please understand that Active Directory does not track who logs into which computer by default. If you want to achieve the target, we could try to use script. For details, please refer to the following similar thread. It may be useful to us.

    List All Computers in Domain and Who Logged In to Them Last

    http://social.technet.microsoft.com/Forums/en-US/winserverManagement/thread/07222b08-e975-48f8-bd5d-bf4884ca503e

    Hope this helps.

    Best Regards,

    Andy Qi


    Andy Qi
    TechNet Community Support

    2013년 3월 15일 금요일 오전 8:29
    중재자
  • does anyone know this or ideas? please kindly share  : )

    There is no way to find exactly whats the last PC user logged on, but you can find out which PC user logged on using event ID assuming auditing was configured prior to users logon. Using lastlogontimestamp/lastlogon attribute you can find when user was last logged on, but they are not accurate.


    Awinish Vishwakarma - MVP

    My Blog: awinish.wordpress.com

    Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    2013년 3월 15일 금요일 오전 9:12
    중재자
  • As Andy and Awinish mentioned, AD do not have a feature to track that.

    However, once of the possible ways to do that is to have a logon script for this purpose:

    • Create a share on a Server with right NTFS and Share Permissions. Let's say that it is\\Server\Share\
    • Create a Batch file with this command echo %username%; %computername%; %date% ;%time% >>\\Server\Share\Logons.csv
    • Add the script in a group policy as a logon script

    The Logons.csv will contain the user last logons so whenever you need to check which computer a user logged on the last time, you can use Excel to filter that based on the user logon, date and time.

    However, it is possible to know when was the last time a user logged on against AD. This is possible by querying lastlogon attribute of all the DCs and extract the highest value.

    I have a Powershell script for that:

    ----------------------------------

    ###############################################################
    # Get_User Last_Logon_v1.0.ps1
    # Version 1.0
    # Changelog : n/a
    # MALEK Ahmed - 20 / 01 / 2013
    ###################
    
    ##################
    #--------Config
    ##################
    
    $domain = "domain.com"
    
    ##################
    #--------Main
    ##################
    
    import-module activedirectory
    cls
    "The domain is " + $domain
    $samaccountname = Read-Host 'What is the User samaccountname?'
    "Processing the checks ..."
    $myForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    $domaincontrollers = $myforest.Sites | % { $_.Servers } | Select Name
    $RealUserLastLogon = $null
    $LastusedDC = $null
    foreach ($DomainController in $DomainControllers) 
    {
    	$UserLastlogon = Get-ADUser -Identity $samaccountname -Properties LastLogon -Server $DomainController.Name
    	if ($RealUserLastLogon -le [DateTime]::FromFileTime($UserLastlogon.LastLogon))
    	{
    		$RealUserLastLogon = [DateTime]::FromFileTime($UserLastlogon.LastLogon)
    		$LastusedDC =  $DomainController.Name
    	}
    }
    "The last logon occured the " + $RealUserLastLogon + ""
    "It was done against " + $LastusedDC + ""
    $mesage = "............."
    $exit = Read-Host $mesage

    Just replace domain.com with your domain name and run the script. The script will ask you for the user samaccountname and then will start querying the DCs and provide you with the Last Logon time and date of the user. Note that the processing may take a long time to finish if you have a big number of DCs in your AD environment.


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    2013년 3월 16일 토요일 오후 7:25

모든 응답

  • does anyone know this or ideas? please kindly share  : )
    2013년 3월 10일 일요일 오전 6:43
  • Hi,

    Regarding to your request, please understand that Active Directory does not track who logs into which computer by default. If you want to achieve the target, we could try to use script. For details, please refer to the following similar thread. It may be useful to us.

    List All Computers in Domain and Who Logged In to Them Last

    http://social.technet.microsoft.com/Forums/en-US/winserverManagement/thread/07222b08-e975-48f8-bd5d-bf4884ca503e

    Hope this helps.

    Best Regards,

    Andy Qi


    Andy Qi
    TechNet Community Support

    2013년 3월 15일 금요일 오전 8:29
    중재자
  • does anyone know this or ideas? please kindly share  : )

    There is no way to find exactly whats the last PC user logged on, but you can find out which PC user logged on using event ID assuming auditing was configured prior to users logon. Using lastlogontimestamp/lastlogon attribute you can find when user was last logged on, but they are not accurate.


    Awinish Vishwakarma - MVP

    My Blog: awinish.wordpress.com

    Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    2013년 3월 15일 금요일 오전 9:12
    중재자
  • As Andy and Awinish mentioned, AD do not have a feature to track that.

    However, once of the possible ways to do that is to have a logon script for this purpose:

    • Create a share on a Server with right NTFS and Share Permissions. Let's say that it is\\Server\Share\
    • Create a Batch file with this command echo %username%; %computername%; %date% ;%time% >>\\Server\Share\Logons.csv
    • Add the script in a group policy as a logon script

    The Logons.csv will contain the user last logons so whenever you need to check which computer a user logged on the last time, you can use Excel to filter that based on the user logon, date and time.

    However, it is possible to know when was the last time a user logged on against AD. This is possible by querying lastlogon attribute of all the DCs and extract the highest value.

    I have a Powershell script for that:

    ----------------------------------

    ###############################################################
    # Get_User Last_Logon_v1.0.ps1
    # Version 1.0
    # Changelog : n/a
    # MALEK Ahmed - 20 / 01 / 2013
    ###################
    
    ##################
    #--------Config
    ##################
    
    $domain = "domain.com"
    
    ##################
    #--------Main
    ##################
    
    import-module activedirectory
    cls
    "The domain is " + $domain
    $samaccountname = Read-Host 'What is the User samaccountname?'
    "Processing the checks ..."
    $myForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    $domaincontrollers = $myforest.Sites | % { $_.Servers } | Select Name
    $RealUserLastLogon = $null
    $LastusedDC = $null
    foreach ($DomainController in $DomainControllers) 
    {
    	$UserLastlogon = Get-ADUser -Identity $samaccountname -Properties LastLogon -Server $DomainController.Name
    	if ($RealUserLastLogon -le [DateTime]::FromFileTime($UserLastlogon.LastLogon))
    	{
    		$RealUserLastLogon = [DateTime]::FromFileTime($UserLastlogon.LastLogon)
    		$LastusedDC =  $DomainController.Name
    	}
    }
    "The last logon occured the " + $RealUserLastLogon + ""
    "It was done against " + $LastusedDC + ""
    $mesage = "............."
    $exit = Read-Host $mesage

    Just replace domain.com with your domain name and run the script. The script will ask you for the user samaccountname and then will start querying the DCs and provide you with the Last Logon time and date of the user. Note that the processing may take a long time to finish if you have a big number of DCs in your AD environment.


    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.


    2013년 3월 16일 토요일 오후 7:25
  • Hello,

    as already mentioned there is nothing built in to AD. See the script from Richard Mueller:

    http://www.rlmueller.net/Logon5.htm


    Best regards

    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://msmvps.com/blogs/mweber/

    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

    2013년 3월 21일 목요일 오후 12:18
  • Please go for a Freeware third party tool such as Lepide Last Log On reporter for the same. This tool will help you to give all the log Details. Free ware but very effective.

    Download the tool from the given link and hope it helps you.

    http://www.lepide.com/last-logon-reporter.html

    Thanks.

    2013년 3월 21일 목요일 오후 2:51