On which machine an AD user is logged?

Similar Messages

• Enforce AnyConnect client to do machine authentication when user is logged on

  Hi All,
  I want to use AnyConnect as a supplicant to our corporate WLAN and also use Machine Authentication feature on ACS 5.3.
  Is there a way how to enforce AnyConnect client to do machine authentication when user is logged on? Sometimes can happen, when user just hybernate the computer and do not log off and log on. If they don't do this in some period, then they are not allowed to use WLAN.
  Thanks for your help.
  Regards
  Karel

  The problem appears to be if a user hibernate or ACS is reloaded and machine authentication  timer expired and user need to logout and wait or reboot the machine. After that it authenticates and then user can login again.  Anyconnect 3.1 will allow eap chainging and should be able to address that problem.

• Find out from the machine name, what user is logged in

  thank you. Is there a way to find out from the machine name, what user is logged in or who the machine belongs to?
  I can actually find out from the username what machine they have because there is a field called the wWWHomePage that gets populated with the computer name
  how do I do that? 
  Also I have a list of email addresses. How do I find the username from the list of email addresses ?
  thanks

  I have no good way to test this, so you'll probably have to adjust this on your end:
  Get-Content .\users.txt | ForEach {
  $emailAddr = $_
  $props = @{
  EmailAddress = $emailAddr
  Username = ''
  ComputerName = ''
  ComputerPath = ''
  try {
  $userDetails = Get-ADUser -Filter "EmailAddress -eq '$emailAddr'" -Properties wWWHomePage -ErrorAction Stop
  $pcDetails = Get-ADComputer -Identity $userDetails.wWWHomePage -Properties CanonicalName -ErrorAction Stop
  $props.Username = $userDetails.SamAccountName
  $props.ComputerName = $userDetails.wWWHomePage
  $props.ComputerPath = $pcDetails.CanonicalName
  } catch {
  $props.Username = 'ERROR'
  $props.ComputerName = 'ERROR'
  $props.ComputerPath = 'ERROR'
  New-Object PsObject -Property $props
  } | Select EmailAddress,Username,ComputerName,ComputerPath
  Don't retire TechNet! -
  (Don't give up yet - 12,950+ strong and growing)

• Any way to have time machine when every user is logged out?

  Hello. I have a small server running os x.5 and a hard disk with Time machine attached to it. For security reasons, the best way to have it run is to have the machine run with no user logged in. Several people work on it at distance by uploading/downloading material (via SVN, SSH, and so on), but I do not want that the random passer by tinker with it (it's in a public place).
  Now, I would like it to be regularly backed up, but I discovered that Time Machine does not work if there is no user logged in. This is a drag. Do you people have any trick I could use to keep TM working even when everybody is logged out (that is, when one can only see the login window)?
  Best,
  l.

  You might find this interesting:
  http://systemsboy.blogspot.com/2008/04/time-machine-after-logout.html

• How can I keep track of which users use which machines

  Hello!
  I'm notice that we have one machine in our labs that is constantly getting the keyboard damaged by one of the students. We use an Open Directory system to allow the students to log into any available machine, but how can I log which users are using that particular machine??
  Thanks!

  hi,
  try "last" in the client's terminal. is this what you are looking for?
  cheers,
  Michael.

• How to find out if a user is logged into a windows XP or VISTA machine

  Hi,
  Could somebody please tell me how to find out remotely over a LAN, whether a user is logged into a computer that is running windows XP/VISTA or not? How can this be programmatically done if we know the name of the remote machine?
  Thanks.
  Ravisara

  Hi,
  Thanks for all the replies.
  Actually it seems that my question has either been misunderstood or has been badly phrased by me.
  What I want to know precisely is the way to find out if a user is logged into a machine or not. Say for example in a LAN there are three computers called A, B and C. If my Java program is running on machine C, how can the program check whether a user is logged into machine A? Assuming JRE is present in all three machines, the machines have as their OS windows XP or VISTA and all machines are connected to a windows domain(Windows 2003 server based network)
  The idea here is to identify all the computers in a network that users are not logged into and then to remotely shutdown those computers in order to minimize wastage of electricity(preferably after a particular time of the day in an organization).
  Any replies would be much appreciated.
  Kind regards,
  Ravisara

• How to find Responsibility through which the user has logged in to Disco.

  Hi All,
  I have got a requirement to create a "Usage Report Summary by Responsibility" for all Oracle user having an Access to Oracle Disco Viewer.
  In the report, I need to show the list of Oracle Users and the Responsibilities through which an User has logged in to Disco Viewer.
  Kindly help me in finding the corresponding Disco tables to full-fill this requirement.
  Available Information/queries in my Hand:
  1. Query to find the list of Workbook and its shared Responsibilities
  2. Query to find number of times an Oracle Disco Report has been run.
  Thanks a ton in Advance
  Arun

  Hi Arun
  The first place to look is to try running one of the pre-built workbooks created by Oracle for this purpose.
  I see you are working in Apps mode. Therefore, you'll need to run both of these scripts when logged in as the owner of the EUL:
  1. EUL5.SQL
  2. EUL5_APPS.SQL
  You will find both scripts in the $ORACLE_HOME/Discoverer/Util folder where your Discoverer Administrator tool is located.
  Next, you will need to log into the Administrator tool and import this EEX file: EUL5.EEX
  You will find the EEX file located in $ORACLE_HOME/Discoverer, again on the PC where Discoverer Administrator tool is located.
  After you have imported the EUL, log into Desktop or Plus and open up the EUL5 workbook that you will now see in the list and work through the various worksheets. You should find one or two that will give you what you want.
  Let us know how you get on
  Best wishes
  Michael
  http://ascbi.com

• When one network user is logged in another network user cannot on the same machine

  I am working on a home network for 5 family members and we are use to fast user switching. Since getting the server up we can no longer fast user switch. If one network user is logged in and we go to switch to a new user the server returns an error and that user can not log into that machine until the first user logs out. I would expect this to work but I have not had any success.
  Any suggestions
  David urban

  Hi,
  What is the current setting of Enable user policy polling on clients?
  However, if this setting is False or No, the following will not work when users use the Application Catalog:
  In System Center 2012 Configuration Manager SP1 and System Center 2012 R2 Configuration Manager only, users cannot install the applications that they see in the Application Catalog.
  Users will not see notifications about their application approval requests. Instead, they must refresh the Application Catalog and check the approval status.
  Users will not receive revisions and updates for applications that are published to the Application Catalog. However, they will see changes to application information in the Application Catalog.
  If you remove an application deployment after the client has installed the application from the Application Catalog, clients continue to check that the application is installed for up to 2 days.
  http://technet.microsoft.com/en-in/library/gg682067.aspx#BKMK_ClientPolicyDeviceSettings
  In addition, the following to thread may give us some clue:
  http://social.technet.microsoft.com/Forums/en-US/6a51488c-ff68-4c83-9b3d-6d03fd74a373/application-catalog-could-not-communicate-with-the-client-control-properly?forum=configmanagerapps
  http://social.technet.microsoft.com/Forums/en-US/235f7ef7-e646-401e-9524-008831a32cde/application-catalog-silverlight-error-could-not-communicate-with-the-client-control-properly?forum=configmanagerapps

• How to perform this?by copying the IE URL of successfully logged in to another IE Browser and the user still logs in which is wrong.

    I have a problem. the user had successfully logged in in an IE Browser. Then I copy the URL of the IE
    to another IE Browser. The output must be, the browser will ask the user to log in again which is correct.
    In my application, the output was still logged in which is wrong.
    Kindly help

  I have the Application.cfm
  I dont use parameter such as CFID and CFTOKEN for my code.
  Is it possible to do it without using this parameter?
  Can
  you give me simple code that if it is successfully logged in, then it
  will perfom that the browser will ask you to log in again.
  Thank you for the reply and knowledge.
  jepoy1

• How do I prevent users from logging into my machine in single user mode?

  I established an standard accounts for my family.  My son figured out that if he logs into the machine in Single User mode that he logs in as the root user.  He then proceeded to create another user with administrative privileges and change his account to administrator then delete the other account.  Funny thing about this is that as much as OS X is secure from outside threats a simple command-s gets you right into the very heart of the machine......

  You can set a firmware password. The firmware password only allows you to start up in normal mode, so if you try to start in single-mode user or safe mode, your Mac will ask you for a password.
  The process to turn it on depends on the OS X version you have. Open  > About this Mac, check the Mac OS X version and follow the steps depending on your OS X version.
  If you have 10.7 or 10.8:
  1. Hold Command and R keys while your Mac is starting up.
  2. After starting up into OS X Utilities, go to Utilities menu (on the menu bar) > Firmware Password Utility, and enable the firmware password.
  3. Restart the Mac.
  If you have 10.6 or older:
  1. Insert the Mac OS X disc and hold the C key while your Mac is starting up.
  2. Choose your language, go to Utilities menu (on the menu bar) > Firmware Password Utility, and enable the firmware password.
  3. Restart the Mac.
  Also, this will protect your Mac against thieves because they won't be able to erase the hard drive without knowing the firmware password. Don't forget the password, because only Apple can reset it if you don't know this password

• How can I know Which windows user is logged in

  Hello friends,
  I want to know,
  1) which window user in logged (User Name)
  2)Whether he is Adminstrator or a guest
  Please help whether my environment variables is correct or not, whether i am calling the perfect dll or whatsoever
  My PATH Environment Variable
  under user variable is *%path%*
  under system variable is *%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem*
  I searched the internet and found two link for this problem
  1) *[http://www.codeguru.com/forum/archive/index.php/t-197626.html]* which tell such info is in advapi32.dll
  so here is the code based on above solution
  public class dllwindow
  private static native String GetUserName () ;
  public static void main(String[] args)
            System.loadLibrary("advapi32");
            String UserName =GetUserName();
            System.out.println("UserName :"+UserName);
  }and the error i get is
  Exception in thread "main" java.lang.UnsatisfiedLinkError: GetUserName
       at dllwindow.GetUserName(Native Method)
       at dllwindow.main(dllwindow.java:11)
  2) *[http://www.sinotar.com/download/swin/doc/com/sinotar/jni/Windows.html]* tells such info will be in swinlib.dll
  so here is the code based on aboves solution
  import java.lang.*;
  import java.lang.Object.*;
  public class dllwindow
  private static native String getComputerName();
  private static native String getUserName () ;
       public static void main(String[] args) {
            System.loadLibrary("swinlib.dll");
            String ComputerName =getComputerName();
            System.out.println("ComputerName :"+ComputerName);
            String UserName =getUserName ();
            System.out.println("UserName :"+UserName);
  }and the error i gets is
  Exception in thread "main" java.lang.UnsatisfiedLinkError: no swinlib.dll in java.library.path
       at java.lang.ClassLoader.loadLibrary(Unknown Source)
       at java.lang.Runtime.loadLibrary0(Unknown Source)
       at java.lang.System.loadLibrary(Unknown Source)
       at dllwindow.main(dllwindow.java:9)
  Really need your help
  Edited by: venkat_walking on Jul 14, 2008 9:23 AM

  System.getProperty("user.name");

• CryptAcquireContext failing with ERROR_FILE_NOT_FOUND (2L) when user not logged on Windows 8.1

  I am having a hard time migrating a C++ CryptoAPI-based application that currently runs on Windows Server 2008 to Windows 8.1. The scenario is:
  This application is eventually triggered by WatchDog.exe, which in its turn is triggered when the computer is started by Windows' Task Scheduler.
  Task Scheduler uses the following rules to start the WatchDog.exe:
  A Administrator User Account;
  Run Whether user is logged on or not;
  UNCHECKED: Do not store password. The task will only have access to local resources;
  Run with Highest Privileges;
  Configure for Win 8.1;
  Triggered at system startup.
  The server sits there, nobody logged, until in a given scenario WatchDog.exe starts the application. Application log confirms that the owner of the process (GetUserName)
  is the very same user Task Scheduler used to trigger WatchDog.exe.
  It turns out that this application works fine in Windows Server 2008, but in windows 8.1 a call to CryptAcquireContext fails
  with return code ERROR_FILE_NOT_FOUND (2L). The odd thing is that the application will NOT fail if, when started, the user is physically logged
  on the machine, although it was not the user who started the application manually.
  I took a look at the documentation and
  found:
  "The profile of the user is not loaded and cannot be found. This happens when the application impersonates a user, for example, the IUSR_ComputerName account."
  I had never heard of impersonification, so I made a research and found the APIs LogonUser,ImpersonateLoggedOnUser and RevertToSelf.
  I then updated the application in this way:
  HANDLE hToken;
  if (! LogonUser(L"admin", L".", L"XXXXXXXX", LOGON32_LOGON_BATCH, LOGON32_PROVIDER_DEFAULT, &hToken))
  logger->log (_T("Error logging on."));
  else
  logger->log (PMLOG_LEVEL_TRACE, _T("Logged on."));
  if (! ImpersonateLoggedOnUser(hToken))
  logger->log (_T("Error impersonating."));
  else
  logger->log (_T("Impersonated."));
  err = XXXXXXXXX(); // calls function which will execute CryptAcquireContext
  if (! RevertToSelf())
  logger->log (_T("Error reverting."));
  else
  logger->log (_T("Reverted."));
  Excerpt with the call to CryptAcquireContext:
  // Get the handle to the default provider.
  if(! CryptAcquireContext(&hCryptProv, cryptContainerName, MS_ENHANCED_PROV, PROV_RSA_FULL, 0))
  DWORD e = GetLastError();
  _stprintf_s (logMsg, 1000, _T("Error %ld acquiring cryptographic provider."), e);
  cRSALogger->log (logMsg);
  return ERR_CCRYPT_NO_KEY_CONTAINER;
  cRSALogger->log (_T("Cryptographic provider acquired."));
  As the result, I got the log:
  [2015/01/08 20:53:25-TRACE] Logged on.
  [2015/01/08 20:53:25-TRACE] Impersonated.
  [2015/01/08 20:53:26-ERROR] Error 2 acquiring cryptographic provider.
  [2015/01/08 20:53:26-TRACE] Reverted.
  That seems to show that impersonation is working properly, but still I get Error 2 (ERROR_FILE_NOT_FOUND) on CryptAcquireContext.
  Summary:
  On Windows Server 2008, the very same application runs properly even without the calls to LogonUser/Impersonate/Revert.
  On Windows 8.1, the application, with or without the calls to LogonUser/Impersonate/Revert, will only work properly if the user is logged on (which
  is not acceptable).
  Any thoughts where I can run to in order to get this working on windows 8.1?
  Thank in advance,
  Dan

  There are a couple of issues.
  Based on the parameters being used in CryptAcquireContext().  A profile needs to be loaded and your app has to be running as the same user who created the keyset. (which is why it works when a user is logged on Windows 8.1) Also, impersonation
  does not load your user profile, you need to call LoadUserProfile().  It seems like you should be using a machine keyset for your scenario if you want to do this when nobody is logged on.
  Take a look at the following KB article for more information.
  https://support.microsoft.com/kb/238187?wa=wsignin1.0
  thanks
  Frank K [MSFT]

• Machine Authentication and User Authentication with ACS v5.1... how?

  Hi!
  I'm having trouble setting up Machine Authentication and User Authentication on ACS v5.1 using WinXP SP3 (or SP2) as supplicant.
  This is the goal:
  On wireless (preferably on wired too) networks, get the WinXP to machine authenticate against AD using certificates so the machine is possible to reach via for example ping, and it can also get GPO Updates.
  Then, when the user actually logs in, I need User Authentication, so we can run startup scripts, map the Home Directory and so on.
  I have set up a Windows Sertificate server, and the client (WinXP) are recieving both machine and user certificates just fine.
  I have also managed to set up so Machine Authenticaton works, by setting up a policy rule that checks on certificate only:
  "Certificate Dictionary:Common Name contains .admin.testdomain.lan"
  But to achieve that, I had to set EAP Type in WinXP to Smart Card or other Certificate, and then no PEAP authentication occurs, which I assume I need for User Authentication? Or is that possible by using Certificates too?
  I just don't know how to do this, so is there a detailed guide out there for this? I would assume that this is something that all administrators using wireless and WinXP would like to achieve.
  Thank you.

  Hello again.
  I found out how to do this now..
  What I needed to do was to add a new Certificate Authentication Profile that checks against Subject Alternative Name, because that was the only thing I could find that was the same in both user certificate and machine certificate.
  After adding that profile to the Identity Store Sequences, and making tthe appropriate rule in the policy, it works.
  You must also remember to change the AuthMode option in Windows XP Registry to "1".
  What I really wanted to do was to use the "Was Machine Authenticated" condition in the policies, but I have never gotten that conditon to work, unfortunately.
  That would have plugged a few security holes for me.

• Using GPO to pin a preset list of icons on the taskbar for each user that logs onto their workstation?

  I would like to have the taskbar show a predetermined set of icons (Word, Excel, PPT, etc.) pinned to taskbar when a user first logs into their host machine.   Is this doable through a default GPO setting or do I need to do this via scripting?

  Hi onetech-it,
  Please tell us the OS enviroment of clients to get more help.
  If the clients are Windows 7, please refer to the following article which contains detailed steps:
  Forum FAQ: How to deploy Windows 7 Taskbar Pinned Icons by Group Policy?http://social.technet.microsoft.com/Forums/windowsserver/en-US/d172b4de-be7c-4149-8958-bebfe042ade1/forum-faq-how-to-deploy-windows-7-taskbar-pinned-icons-by-group-policy?forum=winserverGP
  Regards,
  Lany Zhang

• Headless itunes server works when I'm screensharing in... but stops working when I stop screensharing. Server user remains logged in, but clients cannot access.

  I have a headless OS X Server, on which I've created a new Network User: "iTunes". When I screenshare into the server machine, all my devices are able to see the Home Shared itunes account an play movies, TV and music.  As soon as I stop screensharing in to the server machine (even though I keep the user "iTunes" logged in), none of my devices can access the home-shared account.  Very strange... ideas??

  I solved issue by completely uninstall Mc Cafee ==" (so persistent)
  Phew, i can go to iTunes as usual