OnePlus 5 review
I've been looking into trackng the users on the a network - specifically i need to track when users log on and off and if possible when a user locks their computer ?
I have been reading up on the process and it looks like it is done through domain security settings - in Audit Policy.
At first i thought this could be done through Event Viewer but i soon noticed that only reported on the local machine (the server). So far i've only found my way to "Domain Secuirty Policy" under the Administrator Tools but i can not see how to set or view the logs created ...
any help out there ?? or anybody know of better ways to view log on details for domain accounts >?
And here's a little light bedtime reading for you!
This is how to log Domain events in XP. Hopefully Server2003 is similar.
To turn on security logging for a domain controller
Open Active Directory Users and Computers.
In the console tree, click Domain Controllers.
Where to find it:
Active Directory Users and Computers
Click Action, and then click Properties.
On the Group Policy tab, click the policy you want to change, and then click Edit.
In the Group Policy window, in the console tree, click Audit Policy.
Where to find it:
In the details pane, double-click the attribute or event you want to audit.
In Properties, click the options you want, and then click OK.
Repeat steps 6 and 7 for other events you want to audit.
To open Active Directory Users and Computers, click Start, point to Programs, point to Administrative Tools, and then click Active Directory Users and Computers.
The security log is limited in size. Select the events to be audited carefully, and consider the amount of disk space you are willing to devote to the security log.
If security auditing has been enabled on a remote computer, you can view the event logs remotely with Event Viewer. Open the MMC console in author mode and add Event Viewer to the console. When prompted to specify which computer the snap-in will manage, click Another computer and enter the name of the remote computer.
Security auditing for workstations, member servers, and domain controllers can be enabled remotely only by domain administrators. To do this, create an organizational unit, add the desired computer account or accounts to the organizational unit, and then, using Active Directory Users and Computers, create a policy to enable security auditing. Use the same procedures for turning on security logging for a domain controller except instead of clicking Domain Controllers in the console tree, click domain name.
Thanks very much Ditch999 ! thats done what i wanted. :)
This thread is now locked and can not be replied to.