Skip to main content

Steps to Track user logon in Windows XP/ Windows Server 2003

Tracking user is related to store information about user login, logout and other activity after login to the system. Track user login is not a feature of windows OS. So if we want to store logon information about all users, we have to write a command line script or program. This script stores user data in a secure file which has no modification access to all users except administrator.

Tracking is useful when we need some secret information about login and logout time or if we need to count time of user connectivity with the computer.

Here we store user computer name, user name, login date, time and IP address, which is sufficient for user tracking.

Step 1:
Create the following two files using Notepad or any text editor:

LOGON:
Open Text editor and write:

IPCONFIG |FIND "IP" > %temp%\filename.txt  //file in temp folder for temporary use only
FOR /F "tokens=2 delims=:" %%a in (%temp%\filename.txt) do set IP=%%a
del %temp%\filename.txt //delete temporary filename.txt
set IP=%IP:~1%  //set IP address to IP
echo Login From:, %COMPUTERNAME%, User Name:, %USERNAME%, Date:, %DATE%, Time:, %TIME%,%IP% >> \\Your Computer Name or IP Address\share$\logon.log  //print information on the file named logon.log

Save file with .cmd extention.
How can edit gpedit.msc to track user logon in Windows XP/ Windows Server 2003
Edit Group Policy
LOGOFF:
Open Text editor and write:

Just change file name logoff.log instead of logon.log;
 Save file with .cmd extention.

Step 2:
After creating file, you should go to Group Policy by Start->Run->then type “gpedit.msc”. In Group Policy Tree, Traverse the tree in following order: User Configuration-> Windows Settings-> Scripts (Logon/Logoff)-> Logon, Here Click "Add" to locate your script location, then click OK.
Step 3:
Now go to "Run" from start button and type “gpupdate” to update Group Policy.

Step 4:
When users log on and off in you system, your logon file \\Your PC IP Address\SHARE$\logon.log should looks like below example:

logon Zahed User Tue 02/07/2012 10:30:51.12
logoff Johnny User Tue 02/07/2012 11:10:08.45
logon Toypet User Tue 02/07/2012 12:34:01.07
logoff Johnny User Tue 02/07/2012 12:43:46.81

I think it will work, but if have any confusion regarding this script; do not hesitate to contact with me.

Labels:

Comments

  1. AnonymousFriday, January 06, 2012 4:32:00 PM

    Is there any effect on Start up and shut down on Group Policy

    ReplyDelete
  2. Mohammad Zahed HossainSunday, January 08, 2012 2:04:00 PM

    No there is no effect unless you change configuration for Computer Settings->Windows Settings ->script(Shutup/Shutdown)

    ReplyDelete

Post a Comment

Popular posts from this blog

Facebook timeline recent activity and post disappeared

Facebook Timeline gives our profile a new graphical look. It also launches many new features. Activity log is one of them where we will find all of our recent activities on profile, example: Any “Like” on own or others post, comments, status update, add new photos, invites someone to add group, add albums, send friend request etc. But sometimes we face problem with disappear recent activity from Facebook timeline or wall post from profile. This problem is one of the common problems in new feature. It may happen in two stage of your account.  - When your account transfer from old wall view to Timeline or New profile in Timeline. - Another stage is for existing Timeline account, where recent activity disappears without any specific reason. The first case we can handle very easily. It basically happen due to transfer and the solution depends on visibility of your post or activity like (Public, Friends and Custom). Now set your visibility settings from privacy setting or directly...
21 comments
Read more

Brief and Examples on Simplex, Half-Duplex, Full-Duplex Transmission

In data communication, there are three types of communication styles; they are Simplex, Half-Duplex and Full-Duplex. Here we discuss about their characteristics with examples. Simplex: In this communication style data can send only and basically it is one way or uni-direction communication. This type of communication is not widely used for transmit trusted data because it can not send any error or control signal to sender terminal. This style of communication is vastly used in Radio and TV where we can see and hear or receive data only but we can not send any information data by the same channel. Half-Duplex: Half-Duplex is another type of communication style where data can and send and receive but not at the same time. In this communication type, if data is send from one end, then we can not send data from another that means communication establish in one direction.  This communication vastly used in walkie-talkie, intercom, string phone etc. The practical ...
Post a Comment
Read more

Speed up computer without any software in Windows OS

There are many software to speed up your computer, But I will give you some trick to speed up your PC very easily. You may know common issues which can effect on speed of your computer from this post. Steps to speed up your PC : 1. Install spyware and antivirus to get rid of spyware and antivirus from your computer.You can get many free spyware and antivirus from internet. But before install, be sure about the software because some of them slow your PC speed. Run full check of your system area and HDD. 2. Enable your firewall, if you have built in firewall with your antivirus or internet security software then your windows firewall will be disable, but you must ensure your firewall is enable to protect your computer. You can change your firewall from the link: http://latestitsupport.blogspot.com/2011/12/how-to-turn-off-or-turn-on-windows.html 3. Free up your disk space to speed up your computer. Disk Clean up is an important tool to free disk space of Windows OS. You can easily cle...
4 comments
Read more