User logging

[Ramesh]

Hi,

Is there a way i could see a log of which user logged on when in the PC?
Plus even better if i could see what programs were run by that user. Do we
have such logging facility in XP? Or could someone recommend any third
party software which could do this?

Purpose is to monitor my staff using the office PC. I suspect some misuse
is happening out of office hours.

Thanks for any help.
Ramesh

 

[Lanwench [MVP - Exchange]]

Hi,

Is there a way i could see a log of which user logged on when in the
PC?

Does every user have his/her own login, with a password nobody else knows,
and are these accounts members of the local Users group only?
Do users log themselves out of the computer when done with their work?
Does the computer's built-in Administrator account have a password only you
know?

If the above are true, you can enable auditing to see some of what you wish,
but even that may not give you sufficientinformation.

Plus even better if i could see what programs were run by that
user.
Nope.

Do we have such logging facility in XP?

Not for anything besides logins and specific file access if you wish to
enable that (and look through the lengthy logs).

Or could someone
recommend any third party software which could do this?

You might look at some of the "net nanny" programs or keyloggers.

Purpose is to monitor my staff using the office PC. I suspect some
misuse is happening out of office hours.

Thanks for any help.
Ramesh

Hope this helps. However, I must add that if it's after office hours, and
the "misuse" doesn't involve anything illegal, it seems odd to me that you'd
be bothered about this.

 

[Ramesh]

Thanks Lanwench.

Logins and file access would do just fine. Only worried about the lengthy
logs you mentioned. I hope there are ways to search for a name or folder
name.

Am also checking out a freeware i downloaded for this.

My concern is not illegal by the law. My suspicion is User A is accessing
User B account when User B has left office. And also manipulating data even
from own area in secrecy. Illegal by norms of the office.

Thanks for teh help.
Ramesh


"Lanwench [MVP - Exchange]"

 

[Ramesh]

Lanwench, i had a couple of concerns .. would enabling audit make a major
impact to teh system performance? would the length logs occupy large disk
space.

Ramesh

"Lanwench [MVP - Exchange]"

 

[Lanwench [MVP - Exchange]]

Thanks Lanwench.

Logins and file access would do just fine. Only worried about the
lengthy logs you mentioned. I hope there are ways to search for a
name or folder name.

Not really, with built in stuff.

Am also checking out a freeware i downloaded for this.

My concern is not illegal by the law. My suspicion is User A is
accessing User B account when User B has left office. And also
manipulating data even from own area in secrecy. Illegal by norms of
the office.

Sure. In that case, though, perhaps you need to implement technological
solutions such as I suggested ....if user A doesn't know user B's password,
and doesn't have admin or power user rights, how could user A be easily
doing that? Granted, anyone who's got physical access to this computer could
do whatever they wished, given enough time & skill, but you can at least
make it extremely difficult.

Thanks for teh help.
Ramesh


"Lanwench [MVP - Exchange]"

Does every user have his/her own login, with a password nobody else
knows, and are these accounts members of the local Users group only?
Do users log themselves out of the computer when done with their
work? Does the computer's built-in Administrator account have a
password only you know?

If the above are true, you can enable auditing to see some of what
you wish, but even that may not give you sufficientinformation.


Not for anything besides logins and specific file access if you wish
to enable that (and look through the lengthy logs).


You might look at some of the "net nanny" programs or keyloggers.

Hope this helps. However, I must add that if it's after office
hours, and the "misuse" doesn't involve anything illegal, it seems
odd to me that you'd be bothered about this.

 

[Lanwench [MVP - Exchange]]

Lanwench, i had a couple of concerns .. would enabling audit make a
major impact to teh system performance?

Normally, shouldn't....but be careful what auditing you choose to enable!

I'm really thinking a keylog app is more what you need.

would the length logs occupy
large disk space.

Shouldn't, either, if you set your event logs to reasonable sizes before
overwrite occurs.

Ramesh

"Lanwench [MVP - Exchange]"

Does every user have his/her own login, with a password nobody else
knows, and are these accounts members of the local Users group only?
Do users log themselves out of the computer when done with their
work? Does the computer's built-in Administrator account have a
password only you know?

If the above are true, you can enable auditing to see some of what
you wish, but even that may not give you sufficientinformation.


Not for anything besides logins and specific file access if you wish
to enable that (and look through the lengthy logs).


You might look at some of the "net nanny" programs or keyloggers.

Hope this helps. However, I must add that if it's after office
hours, and the "misuse" doesn't involve anything illegal, it seems
odd to me that you'd be bothered about this.