域---查看用户登录的客户端

       在域环境下,要查看那些用户已经登录在域中,用那台电脑登录的,一般是启用登录事件审核,然后再去安全日志中去查找,安全日志中LOG量大,查看也不方便,有没有更方便的方法呢?

        一次偶然的机会,从微软一位工程师中得到一个脚本,在域控制器上新建一个TXT文件,将下面内容COPY进去,另存为.VBS ,然后执行就可以查看那些用户登录在域中的那台客户端上!

' Script for getting current logged user name on Domain
strDomainName = InputBox ("Please enter the internal Domain Name:","Script for getting current logged username","yourdomain.local")
arrDomLevels = Split(strDomainName, ".")
strADsPath = "dc=" & Join(arrDomLevels, ",dc=")


Const ADS_SCOPE_SUBTREE = 2

Set objConnection = CreateObject("ADODB.Connection")
Set objCommand =   CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"'

Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
   "Select Name, Location from 'LDAP://"&strADsPath&"' " _
      & "Where objectClass='computer'"  
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE 
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst

Set oFSO = CreateObject("Scripting.FileSystemObject")
Set of = oFSO.CreateTextFile("LoggedUser.txt", True, True)

Do Until objRecordSet.EOF
   On Error Resume Next
   sPC = objRecordSet.Fields("Name").Value
    of.writeline " "
 of.writeline "Machine Name: "&sPC

 
 Set objWMILocator = GetObject("winmgmts:" _
    & "{impersonationLevel=impersonate}!\\" & sPC & "\root\cimv2")
    
    If Err = 0 Then 
        
 Set col =  objWMILocator.ExecQuery _
    ("Select * from win32_computersystem")
 
 For Each item In col
  
   
  of.writeline  "Logged User: "&item.username
   
 Next
 Set col = Nothing
 Else
 of.writeline "!!! Cant connect to "&sPC&" !!!"
 
 End If

objRecordSet.MoveNext
Loop

of.close
MsgBox "Done! Cheers!"



本文转自 yab109 51CTO博客,原文链接:http://blog.51cto.com/active/536000,如需转载请自行联系原作者

上一篇:安全扫描工具导致EBS R12 DB session异常增加,应用登录界面白屏


下一篇:Linux禁止普通用户使用su 切换到root 用户