Morning guys,

We've recently had a problem with software restriction where users could exe programs etc. Anyway, problem solved etc, I wanted to know who ran what.

Short of login as every user (not acceptable!), I had to come up with my own solution.

So here it is. It's a program where you can load a roaming profile's NTUser.Dat into your own registry (it loads it into HKEY_USERS under a subkey you define). Once it's in there, you can read/write from it like anything else.

At the moment my program is just a concept. But I am in the progress of writting a version which will connect to AD, enum through a list of users (filtered or otherwise if you chose), grab their profile path and will load their user registry up.

At the moment it only gets the OpenSaveMRU (recently accessed files, which includes things like *.doc, *.mp3 etc... anything opened/saved through a ComDlg32 window). But i'm planning to add more reporting features.

Obviously your AUP must allow use of this before you use it. If you want the concept program, it's available in source form on my website Brain Thee! Run on a hamster powered server (Sorry!)

One more thing, any requests for bits to grab from the registry?