In tip 3438 (Where is <Username>?) and links, I used a logon script to record logon information
in a shared folder to answer the 'Where is <Username>' question.
In tip 9400, I used Psloggedon.exe freeware to answer that same question.
A visitor suggested using a logon and logoff script to record the logon and logoff events in the description attribute of both the user and computer Active Directory accounts.
NOTE: See How do I configure a logon script via Group Policy?
I decided to record the logon event in the user description using the following format:
ON YYYYMMDD HHMMSS;NetBIOS ComputerName;Computer DistinguishedName;OFF 00000000 000000.The logoff event in the user description uses the following format:
ON YYYYMMDD HHMMSS;NetBIOS ComputerName;Computer DistinguishedName;OFF YYYYMMDD HHMMSS.The logon event in the computer description uses the following format:
ON YYYYMMDD HHMMSS;UserName;User DistinguishedName;OFF 00000000 000000.The logoff event in the computer description uses the following format:
ON YYYYMMDD HHMMSS;UserName;User DistinguishedName;OFF YYYYMMDD HHMMSS.Here is what my user account description looked like after I logged on yesterday:
ON 20060516 074011;JSI009;CN=JSI009,CN=Computers,DC=JSIINC,DC=COM;OFF 00000000 000000.Here is what my computer account description looked like after I logged on yesterday:
ON 20060516 074011;Jerry;CN=Jerold Schulman,CN=Users,DC=JSIINC,DC=COM;OFF 00000000 000000.I logged off yesterday, resulting in a user account description that looked like:
ON 20060516 074011;JSI009;CN=JSI009,CN=Computers,DC=JSIINC,DC=COM;OFF 20060516 175940and a computer account description that looked like:
ON 20060516 074011;Jerry;CN=Jerold Schulman,CN=Users,DC=JSIINC,DC=COM;OFF 20060516 175940.
Logon Script
If your logon script uses VBScript, add the following lines. If your logon script use a .bat or .cmd batch script, add cscript //nologo FQFN_of_the_following.vbs, likecscript //nologo \\JSIINC.COM\sysvol\JSIINC.COM\Policies\\{31B2F340-016D-11D2-945F-00C04FB984F9\}\User\Scripts\Logon\Logon.vbs:
Set objSys = CreateObject("ADSystemInfo")
Set objUsr = GetObject("LDAP://" & objSys.UserName)
Set objCmp = GetObject("LDAP://" & objSys.ComputerName)
when = Year(Now()) & Right("0" & Month(Now()),2) & Right("0" & Day(Now()),2) & " " _
& Right("0" & Hour(Now()),2) & Right("0" & Minute(Now()),2) & Right("0" & Second(Now()),2)
usrDesc = "ON " & when & ";" & objCmp.CN & ";" & objCmp.DistinguishedName & ";OFF 00000000 000000"
cmpDesc = "ON " & when & ";" & objUsr.sAMAccountName & ";" & objUsr.DistinguishedName & ";OFF 00000000 000000"
objUsr.Description = usrDesc
objUsr.SetInfo
objCmp.Description = cmpDesc
objCmp.SetInfo
Logoff Script
If your logoff script uses VBScript, add the following lines. If your logoff script use a .bat or .cmd batch script, add cscript //nologo FQFN_of_the_following.vbs, likecscript //nologo \\JSIINC.COM\sysvol\JSIINC.COM\Policies\\{31B2F340-016D-11D2-945F-00C04FB984F9\}\User\Scripts\Logoff\Logoff.vbs:
Set objSys = CreateObject("ADSystemInfo")
Set objUsr = GetObject("LDAP://" & objSys.UserName)
Set objCmp = GetObject("LDAP://" & objSys.ComputerName)
when = Year(Now()) & Right("0" & Month(Now()),2) & Right("0" & Day(Now()),2) & " " _
& Right("0" & Hour(Now()),2) & Right("0" & Minute(Now()),2) & Right("0" & Second(Now()),2)
usrDesc = objUsr.Description
cmpDesc = objCmp.Description
work = inStr(usrDesc, ";OFF ")
if work 0 Then
work = work - 1
usrDesc = Left(usrDesc, work) & ";OFF " & when
End If
work = inStr(cmpDesc, ";OFF ")
if work 0 Then
work = work - 1
cmpDesc = Left(cmpDesc, work) & ";OFF " & when
End If
objUsr.Description = usrDesc
objUsr.SetInfo
objCmp.Description = cmpDesc
objCmp.SetInfo
NOTE: See
Where is <UserName> and where is <ComputerName>?
1 comment
Hide comments
