Identify currently logged on users
Objective:
You wish to track the currently logged on users on a system using OpUtils' IP Address Manager module.
Pre-requisites:
By default, OpUtils displays Logged on user details by fetching it from event logs using Active Directory(AD) credentials. For this to work, please ensure you meet the following requirements:
- Configure AD details under Settings, OpUtils, and Active Directory.
- The configured user credentials should have admin permission and should be present in the Event log readers group.
Note: OpUtils will fetch the events from event ids 672, 4768 & 4769.
To fetch and display logged on user details:
To fetch event logs from AD, please follow the steps given below,
- Go to Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies, and enable Audit Policy Service.
- Define the policy and choose for Success and Failure.
- Go to Computer Configuration > Policies > Windows Settings > Security Settings > Advanced Audit Policy Configuration > Audit Policies > Account Logon and click on Audit Kerberos Authentication Service.
- Ensure that the Audit account logon events and Audit logon events are enabled.
- Define the policy and choose for Success and Failure.
- Go to Control Panel > Administrative Tools > Group Policy Management > Default Domain Controllers Policy and right click to edit Audit Policy. Policy Setting should be Success.
- Define the policy and choose for Success and Failure.
- Configure Kerberos Authentication service.
- Go to Security Settings > Advanced Audit Policy Configuration > Audit Policies and click on Account Logon.
Note: In case of Non-Administrator,
- The user should be a member of Distributed COM Users, Domain Users, and Event Log Readers.
- Non-administrator should have access to WMI name spaces (CIMV2, directory,RSOP) on the Domain Controller.
- This can be configured by navigating to Control Panel > Administrative Tools > Computer Management > WMI Control > Properties > CIMV2, directory, RSOP > Enable Account, and click on Remote Enable.
Speak to us
Current logged on user details still not displayed? Support will be available 24hrs a day and five days a week (Monday through Friday), excluding USA & India public holidays.
Telephone : +1-888-720-9500
Email : oputils-support@manageengine.com
Join the OpUtils Community, to get instant answers for your queries, register with our Forum.