堆栈内存溢出
  简体   繁体   English

如何以编程方式获取Active Directory中的计算机列表以及每个计算机的最后登录用户?

[英]How to programmatically obtain a list of computers in Active Directory and the last logged-in user to each?

 原文  2018-11-26 21:07:22       c#/ .net/ active-directory

问题描述

I've done a fair amount of research and have learned how to obtain the last logged-in timestamp for users in Active Directory, as well as how to obtain a list of computers from Active Directory. 我已经进行了大量研究,并且了解了如何为Active Directory中的用户获取上次登录的时间戳,以及如何从Active Directory中获取计算机列表。 What I can't seem to figure out is how to put the two together, so that I have a list of all computers (or at least the ones from the organizational unit I provide) as well as the last user who logged-into each and the time it occurred. 我似乎无法弄清楚如何将两者结合在一起,以便获得所有计算机的列表(或至少是我提供的组织单位中的计算机)以及最后登录每台计算机的用户的列表。以及发生的时间。 I don't need current logins, just the last login. 我不需要当前登录名,只需最后一次登录。 How can this be done? 如何才能做到这一点?

I'd prefer C#. 我更喜欢C#。

1 个解决方案

解决方案1
 0  2018-11-27 13:38:10

A neat trick is to just look at the last modified timestamp of the folders in C:\\Users. 一个巧妙的技巧是仅查看C:\\ Users中文件夹的最后修改的时间戳。 The last modified one is the last person to login. 最后修改的是最后登录的人。 But keep in mind that if an admin person logs in (even remotely), they'll show up on top so you can't just check once and assume it's that person's computer. 但是请记住,如果管理员登录(甚至是远程登录),他们将显示在顶部,因此您不能只检查一次并假设它是该人的计算机。 But if you check 10 times and 9/10 times it's one person, then you can conclude it's that person's computer. 但是,如果您检查10次和9/10次是一个人,那么您可以得出结论,这是那个人的计算机。

Then you can match up the profile folder to the SID of the account from the registry on that machine: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList 然后,您可以将配置文件文件夹与该计算机上的注册表中的帐户的SID匹配: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList

Yes, you can also look at the logs on the domain controllers to see where people are logging in from, but keep in mind that every time someone authenticates to anywhere, that counts as a log in: if someone authenticates an intranet site, I'm pretty sure that'll show up as a login coming from the web server. 是的,您还可以查看域控制器上的日志,以查看人们从何处登录,但是请记住,每次有人进行身份验证时,就算是登录:如果有人对Intranet站点进行了身份验证,我很确定这将显示为来自Web服务器的登录名。 Same with accessing a file share. 与访问文件共享相同。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何检查当前登录的用户是否是Azure Active Directory B2C“全局管理员”? ASP.NET MVC - How to check if currently logged-in user is Azure Active Directory B2C “Global Administrator”? ASP.NET MVC 如何列出所有计算机以及他们最后一次登录AD? - How to list all computers and the last time they were logged onto in AD? 列出活动目录中的所有计算机 - List all computers in active directory 如何查找哪个用户最后通过C#中的Active Directory登录到给定的计算机? - How to find what user last logged onto a given computer through Active Directory in C#? 如何获取当前登录用户的详细信息? - How to get current logged-In User details? 如何访问已登录用户的属性? - How to access the properties of a logged-in user? 获取Active Directory中计算机的上次登录时间 - Getting last Logon Time on Computers in Active Directory 如何倒退三周内最后一个未登录的用户? - How to get the last not logged-in user's within three weeks backwards? Active Directory检查用户是否已登录 - Active Directory check if user is logged in 加载活动目录用户及其关联的计算机 - Loading the active directory user and their associated Computers
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM