D
DaveP
Is there a way to monitor USER logon time on an XP Pro machine?
TIA,
DaveP
TIA,
DaveP
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
G
Guest
By default, Windows XP do not audit the logon events. However, you can change
the "Audit Policy" as per your requiremet. To do so, follow the instructions:
1. click Start - Run
2. Type "GPEDIT.MSC" and press enter key
3. Goto "Local Computer Policy" - "Computer Configuration" - "Windows
Settings"
"Security Settings" - "Local Policies" - "Audit Policies"
5. Here double-click on "Audit Logon Events" and check the events required.
"Success for Successful Logon" and "Failure for Logon Faliure Events"
6. Apply the settings and close Group Policy Editor
Logoff and Login again
7. To see the login events (like Date, Time, User Name, etc) Right Click on
My Computer and choose Manage
8. Expand to "Computer Management" - "System Tools" - "Event Viewer" -
"Security"
That is all. Double click on the Events listed.
If was helpful then let us know.
the "Audit Policy" as per your requiremet. To do so, follow the instructions:
1. click Start - Run
2. Type "GPEDIT.MSC" and press enter key
3. Goto "Local Computer Policy" - "Computer Configuration" - "Windows
Settings"
"Security Settings" - "Local Policies" - "Audit Policies"
5. Here double-click on "Audit Logon Events" and check the events required.
"Success for Successful Logon" and "Failure for Logon Faliure Events"
6. Apply the settings and close Group Policy Editor
Logoff and Login again
7. To see the login events (like Date, Time, User Name, etc) Right Click on
My Computer and choose Manage
8. Expand to "Computer Management" - "System Tools" - "Event Viewer" -
"Security"
That is all. Double click on the Events listed.
If was helpful then let us know.
R
Rick \Nutcase\ Rogers
Hi,
Yes, start/run secpol.msc. Click on Local Policies/Audit Policies, then
double click on "Audit Account Logon Events" in the right pane. Enable at
least the "success" option. Close the local security snap-in. You will now
find any new logons listed in the security portion of the event viewer.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Windows help - www.rickrogers.org
Yes, start/run secpol.msc. Click on Local Policies/Audit Policies, then
double click on "Audit Account Logon Events" in the right pane. Enable at
least the "success" option. Close the local security snap-in. You will now
find any new logons listed in the security portion of the event viewer.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Windows help - www.rickrogers.org
D
David Candy
Audit logon events
Should be done as well to cover all logons.
The one you mention is ones the local security system authorised. On a domain I don't think it will log as local computer does nothing. The above one is people logging on to this specific machine no matter where it was authorised..
Should be done as well to cover all logons.
The one you mention is ones the local security system authorised. On a domain I don't think it will log as local computer does nothing. The above one is people logging on to this specific machine no matter where it was authorised..
D
DaveP
Thanks for all answers. Just what i needed.
Appears Audit logon events needs to be turned on also.
DaveP
"David Candy" <.> wrote in message
Audit logon events
Should be done as well to cover all logons.
The one you mention is ones the local security system authorised. On a
domain I don't think it will log as local computer does nothing. The above
one is people logging on to this specific machine no matter where it was
authorised..
Appears Audit logon events needs to be turned on also.
DaveP
"David Candy" <.> wrote in message
Audit logon events
Should be done as well to cover all logons.
The one you mention is ones the local security system authorised. On a
domain I don't think it will log as local computer does nothing. The above
one is people logging on to this specific machine no matter where it was
authorised..
R
Rick \Nutcase\ Rogers
Yes, that's correct. Thanks for adding that, David.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Windows help - www.rickrogers.org
"David Candy" <.> wrote in message
Audit logon events
Should be done as well to cover all logons.
The one you mention is ones the local security system authorised. On a
domain I don't think it will log as local computer does nothing. The above
one is people logging on to this specific machine no matter where it was
authorised..
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Windows help - www.rickrogers.org
"David Candy" <.> wrote in message
Audit logon events
Should be done as well to cover all logons.
The one you mention is ones the local security system authorised. On a
domain I don't think it will log as local computer does nothing. The above
one is people logging on to this specific machine no matter where it was
authorised..