Archived from groups: microsoft.public.windowsxp.work_remotely (
More info?)
Toybreaker,
I have this line in my logon.bat file. It writes a text
file to the C drive (you can redirect it elsewhere) of
all logons.
echo %username% %clientname% %date% %time% >> c:\logon.txt
Works for me.
Scott
>-----Original Message-----
>The Client does not write anything to the event logs
when you attempt a
>connection. I wa hoping that there would be a .txt
or .log file somewhere
>that kept that info. I have a hard time believing MS has
an app that does
>track what you do. oh well..thanks for the info
Al...much appreciated...i
>learned something!!
>
>"Sooner Al" wrote:
>
>> Misread your post...
>>
>> Hmmm... I have never tested on the client...
>>
>> Perhaps you could test and report back. That would be
a big help to others on this forum...
>>
>> --
>> Al Jarvi (MS-MVP Windows Networking)
>>
>> Please post *ALL* questions and replies to the news
group for the mutual benefit of all of us...
>> The MS-MVP Program -
http://mvp.support.microsoft.com
>> This posting is provided "AS IS" with no warranties,
and confers no rights...
>>
>> "Sooner Al" <SoonerAl@somewhere.net.invalid> wrote in
message
>> news:O5VTRilqEHA.3728@TK2MSFTNGP09.phx.gbl...
>> > If you expand the properties for the 528 event and
scroll down in the "Description" window and
>> > click on the "For more information" URL. The
resulting windows lists the various logon types. You
>> > can test against that, noting the time for each
login attempt using Remote Desktop, by providing
>> > wrong passwords for example to see now logging
works... Of course this presumes you setup the
>> > audit policy to also log failures...
>> >
>> > --
>> > Al Jarvi (MS-MVP Windows Networking)
>> >
>> > Please post *ALL* questions and replies to the news
group for the mutual benefit of all of us...
>> > The MS-MVP Program -
http://mvp.support.microsoft.com
>> > This posting is provided "AS IS" with no warranties,
and confers no rights...
>> >
>> > "Toybreaker" <toybreaker at gmail dot com> wrote in
message
>> > news:782A9A0F-E667-4328-BFA1-
6CC25547A3AD@microsoft.com...
>> >> Thanks for the info. I tested it and found the
event. So a 528 with a logon
>> >> type of 10 will always be a RDC or TS logon? What i
need to know is if the
>> >> client keeps any logs of attempted connection
whether succesful or failures.
>> >>
>> >> "Sooner Al" wrote:
>> >>
>> >>> Look in the Event Log (Security) for a
Logon/Logoff Event 528. It should have a Logon Type 10...
>> >>>
>> >>> You can setup an Audit Policy using the Group
Policy editor to log logon success and failures.
>> >>> Go
>> >>> to "Start -> Run" and type 'gpedit.msc' (without
the quotes). Navigate to "Local Computer
>> >>> Policy ->
>> >>> Computer Configuration -> Windows Settings ->
Security Settings -> Local Policies -> Audit
>> >>> Policies -> Audit logon events". Highlight and
right-click and select properties. Configure as
>> >>> desired. Note, some folks have XP boxes setup to
login without a password. Logging in
>> >>> without a password counts as a "failure". This
results in the security log filling up very fast
>> >>> if
>> >>> you log failures and have a user without a
password. I fell into that trap while testing a new
>> >>> XP
>> >>> Pro box once. The result is you can not login
normally. Also note, not having a password is
>> >>> a potential and probable security risk.
>> >>>
>> >>> The event log can be viewed by going to "Start ->
Control Panel -> Performance and
>> >>> Maintenance ->
>> >>> Administrative Tools" and click on "Event Viewer".
>> >>>
>> >>> --
>> >>> Al Jarvi (MS-MVP Windows Networking)
>> >>>
>> >>> Please post *ALL* questions and replies to the
news group for the mutual benefit of all of us...
>> >>> The MS-MVP Program -
http://mvp.support.microsoft.com
>> >>> This posting is provided "AS IS" with no
warranties, and confers no rights...
>> >>>
>> >>> "Toybreaker" <toybreaker at gmail dot com> wrote
in message
>> >>> news:053BBE00-AE37-4B6B-85B4-
40FFB72C4B67@microsoft.com...
>> >>> > Does RDC keep ANY logs at all. errors,
connections made...recent connections?
>> >>> > anything at all would be helpful as i have
searched and can not find any as
>> >>> > of yet.
>> >>> >
>> >>> > Thanks all!
>> >>> > Toybreaker at gmail dot com
>> >>> > --
>> >>> > NEXT!!!
>> >>>
>> >>>
>> >
>>
>>
>.
>
Facebook
Twitter
Instagram