If you've ever been asked if you can track a user's usage from home, this may be useful. That is assuming that you have your remote users coming in to your system via some type of terminal services login. If you do, you can use simple batch files and group policy to log your user usage.
Create a login.cmd file with the following:
echo logon %username% %computername% %date% %time% >> \\server\folder\audit_logs\%username%.log
That will create a log file in the shared folder location \\server\folder with the given person's username, along with the computer they used to login and the date/time of their access.
You'll also want to create a logoff.cmd file:
echo logoff %username% %computername% %date% %time% >> \\server\folder\audit_logs\%username%.log
This will append a line to the existing log file for that user, with logoff in the beginning rather than logon. That will allow you to distinguish between logons and logoffs.
Keep in mind that the users you want to monitor will need to have write access to the folder where the logs are stored as their accounts will be the ones actually making the changes to the files. You can enable these files through Active Directory group policy. In your group policy, go to User Configuration-> Windows Settings-> Scripts (Logon/Logoff) and then set each to run at the appropriate time.
No comments:
Post a Comment