+ Post New Thread
Results 1 to 10 of 10
Windows Server 2008 R2 Thread, Alert when Domain Admin logs in in Technical; Hopefully someone will already know the answer to this one, I've had a search around the net but found nothing. ...
  1. #1

    Join Date
    Jan 2011
    Posts
    22
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Alert when Domain Admin logs in

    Hopefully someone will already know the answer to this one, I've had a search around the net but found nothing. Is there a way built in (or a simple way) to send a message/email every time a the Administrator account is logged in. I was thinking using netsend as part of the login script may be one way to do it but was wondering if there was anything better/purpose built out there at all.

    Thanks in advance.

  2. #2

    AngryTechnician's Avatar
    Join Date
    Oct 2008
    Posts
    3,730
    Thank Post
    698
    Thanked 1,210 Times in 761 Posts
    Rep Power
    394
    Nothing predefined that I know of, but you could set up an Event Viewer Task on the DC to execute an action when the appropriate login event is recorded in the Security log. You would need to specify the task on each DC though, as there's no way of knowing which one will process the logon.

  3. #3

    Join Date
    Mar 2007
    Posts
    1,748
    Thank Post
    79
    Thanked 288 Times in 219 Posts
    Rep Power
    70
    vbs login script to send an email or write something to a log

    batch command with echo %computername% >> \\domain.local\netlogon\log.txt would do it.

  4. #4
    GAS
    GAS is offline

    Join Date
    Jan 2008
    Location
    Guildford
    Posts
    60
    Thank Post
    16
    Thanked 14 Times in 12 Posts
    Rep Power
    16
    Hi,

    We have created GPO for 1 student that we like to monitor; you can alter to any use or group.
    Create new GPO
    Under Security Filtering add User or group (other than default Authenticated Users)
    Create / Add VBS script to login script

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\\\\\\\\\
    ' A login Script to email the current username and computername to an email address.
    '-------------------------------------------------------------------------------
    ' Initialization - Get command line arguments and declare variables & constants
    '-------------------------------------------------------------------------------
    Option Explicit
    Dim objEmail
    Dim mbAnswer
    Dim attFName
    Dim oShell
    Dim user
    Dim comp

    '-------------------------------------------------------------------------------
    ' Main script
    '-------------------------------------------------------------------------------

    Set oShell = CreateObject( "WScript.Shell" )
    user=oShell.ExpandEnvironmentStrings("%UserName%")
    comp=oShell.ExpandEnvironmentStrings("%ComputerNam e%")

    ' Create the message object using CDO
    Set objEmail = CreateObject("CDO.Message")


    ' change the 5 lines below to the crrect settings for your system
    ' probably only the first, second and last actually need changing, (2 * Email address, Exchange server name)
    ' the other 2 lines are just for customisation.
    ' Assign message properties (To, From, Subject, etc.)

    ' The addres you want to be sending from - probably the pupil monitoring group
    objEmail.From = "StudentMonitoring@MySchool.sch.uk"
    ' The addres you want to be sending to - the pupil monitoring group
    objEmail.To = "User1@MySchool.sch.uk;User2@MySchool.sch.uk;User3 @MySchool.sch.uk"
    ' The text to appear in the subject of the email
    objEmail.Subject = "Student Monitoring Network Logon"
    ' The text body of the message. Currently shows which user has logged in to which machine no.
    objEmail.Textbody = "User " & user & " Has Logged in to machine no " & comp
    ' change the myexchservername to the network name of your exch server.
    objEmail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "Exchange Server Name"
    ' Assign additional message properties, update the object, and send the message
    objEmail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2
    objEmail.Configuration.Fields.Item ("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25
    objEmail.Configuration.Fields.Update
    objEmail.Send




    Hope this help

  5. 3 Thanks to GAS:

    Alpha2x (26th July 2011), Ignatius (14th December 2011), rantonacci42 (14th December 2011)

  6. #5

    Join Date
    Jan 2011
    Posts
    22
    Thank Post
    1
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Thanks guys, especially GAS that looks to be exactly what I need. Will give it a go.

  7. #6
    chrisbrown's Avatar
    Join Date
    Aug 2010
    Location
    Melbourne, Australia
    Posts
    103
    Thank Post
    2
    Thanked 16 Times in 14 Posts
    Rep Power
    16
    You have two options, logon script or event log tasks. I'd suggest the latter.

  8. #7

    Join Date
    Nov 2011
    Location
    Bayport
    Posts
    6
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Just thought of doing this for a couple of our "problem" students and I'm glad you guys already figured it out. Thanks GAS!

  9. #8

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,238
    Thank Post
    239
    Thanked 1,564 Times in 1,248 Posts
    Rep Power
    339
    If you raise the domain/forest functional levels to 2008 R2, you can enable a policy so at logon it displays information about successful and unsuccessful domain logons.

    Click here for more info.

  10. #9
    IanT's Avatar
    Join Date
    Aug 2008
    Location
    @ the back of my server racks farting.....
    Posts
    1,891
    Thank Post
    2
    Thanked 118 Times in 109 Posts
    Rep Power
    59
    What we do is log every logon and logoff and writes back to a text file:

    REM Login Script:
    for /f "Tokens=2 Delims=[]" %%i in ('ping -n 1 "%computername%"') do set IP=%%i

    echo %username% logged ON %computername%, IP=%IP% @ %time% %date% >> \\SERVER\AdminLog$\Staff\%username%.txt

    You create the .bat file, dump it in the Logon\Logoff scripts and done!

    It wont send any emails but will log it down, all you have to do is go into the text file.

  11. #10

    Join Date
    Nov 2011
    Location
    Bayport
    Posts
    6
    Thank Post
    1
    Thanked 1 Time in 1 Post
    Rep Power
    0
    I've been using the logon script provided by GAS, everything runs but the email wont send because the users cannot send email. Is there a line I can add for authentication or something else I can do so I get the email alerts?

    Thanks in advance!

SHARE:
+ Post New Thread

Similar Threads

  1. Replies: 6
    Last Post: 3rd November 2010, 02:42 PM
  2. NETLOGON folder opens when admin logs on
    By FN-GM in forum Windows
    Replies: 28
    Last Post: 13th March 2008, 10:35 AM
  3. Replies: 0
    Last Post: 22nd June 2007, 02:13 PM
  4. Replies: 9
    Last Post: 10th May 2007, 10:13 AM
  5. Replies: 7
    Last Post: 30th November 2006, 06:57 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •