Active Directory searching, advice ?

[test123]

Hello my first post

I`m not a PC pro so my question my sound stupid but i`ll give it a try.

Is there a way in AD to find out which user is logged to which computer?

For example i have a users ID/logon name and want to find out on wich PC he is logged on?

And is there a way to see the current IP address of a PC searched through AD,

because now to find out the ip i have to ping the PC ( >ping PCNAME )

I tried some combination of "dsquery" and "dsget" but witch no success.

Thx in advance for any replies

[eXtermia]

IF you are an admin you can just use PSLOGGEDON from SYSINTERNALS (now owned by microsoft)

the below post is a VBSCRIPT that should call PSLOGGEDON.EXE (in your script directory)

you can call it whoislog.vbs

the second part is the OU.TXT for inputing the OUs you want to check against.

(save the text portions without the **** area in two seperate files inside C:\scripts with a copy of pssloggedon.exe)

at a command prompt

C:\scripts >

type then "CSCRIPT whoislog.vbs" sans quotes

Edited September 19, 2006 by eXtermia

[eXtermia]

**********************************************************************************

whoislog.vbs

**********************************************************************************

On Error Resume Next

Const wbemFlagReturnImmediately = &h10

Const wbemFlagForwardOnly = &h20

OutputFile="c:\scripts\whoisloggedon.txt"

Set oFSO = CreateObject("Scripting.FileSystemObject")

Set oFile = oFSO.CreateTextFile(OutputFile, True)

InputFile="c:\scripts\OU.txt"

Set ifile = iFSO.OpenTextFile(inputfile)

Do until ifile.AtEndOfLine

strComputerContainer = ifile.ReadLine

Set objContainer = GetObject("LDAP://" & strComputerContainer)

objContainer.Filter = Array("Computer")

'Set StdOut = WScript.StdOut

Set objShell = CreateObject("WScript.Shell")

Dim strAdminResults

Dim strGuestResults

on error resume next

For Each objComputer In objContainer

strComputer = Split(objComputer.Name, "=")(1)

oFile.WriteLine now()

oFile.WriteLine(" ")

oFile.WriteLine("Computer: " & strComputer)

oFile.WriteLine("---------------------------------------------------")

Set objScriptExec = objShell.Exec("psloggedon" & " \\" & strComputer)

strLoggedOnResults = LCase(objScriptExec.StdOut.ReadAll)

oFile.WriteLine(strLoggedOnResults )

Next

loop

MsgBox "Processing Done "

Function WMIDateStringToDate(dtmDate)

WScript.Echo dtm:

WMIDateStringToDate = CDate(Mid(dtmDate, 5, 2) & "/" & _

Mid(dtmDate, 7, 2) & "/" & Left(dtmDate, 4) _

& " " & Mid (dtmDate, 9, 2) & ":" & Mid(dtmDate, 11, 2) & ":" & Mid(dtmDate,13, 2))

End Function

**********************************************************************************

OU.TXT Modify the the text below to reflect your AD structure the DC site is your FQDN split out

and the ou side is your tree backwards order _MYSITE being the root

**********************************************************************************

ou=Equipment-Laptop,ou=BLDG1,ou=HQ,ou=US,ou=_MYSITE,dc=eur,dc=ds,dc=exterm,dc=org

ou=Equipment-PC,ou=BLDG2,ou=FINANCE,ou=ITALY,ou=_MYSITE,dc=eur,dc=ds,dc=exterm,dc=org

ou=Equipment-Servers,ou=BLDG1,ou=PROD,ou=GERMANY,ou=_MYSITE,dc=eur,dc=ds,dc=exterm,dc=org

Edited September 19, 2006 by eXtermia

[test123]

Thank you for your reply.

I don`t have direct access to the server, i have admin rights in active directory only. I`ll try the sysinternals software.

[chilifrei64]

this is kinda silly and mildly not what you are looking for.. But for my network, when I want to know who is logged into what computer. I open up symantec system center from Norton Corporate. It tells me who is logged on to what computer from the main interface.

But ofcourse this is only if you have symantec corporate managed clients installed on your network.

[eyeball]

A long way around is to open up compmgmt.msc and view the sessions, then look at the computer IP and do an nslookup on the ptr record for that IP.

that would work if you had a users name but didnt know which pc they were on

[jftuga]

this is kinda silly and mildly not what you are looking for.. But for my network, when I want to know who is logged into what computer. I open up symantec system center from Norton Corporate. It tells me who is logged on to what computer from the main interface.

But ofcourse this is only if you have symantec corporate managed clients installed on your network.

I sometimes use this way, too. It works great.

In our logon scripts, we write the user name,full name,date, time, etc. to a file called 'machinename' and the log off scripts removes this file. We use grep, findstr, etc to search these files for a user's logon name.

psloggedon.exe is also easy to use.

-John