Tracking when a user has logged on

Email security
Employee monitoring
Exchange security
Exchange user settings
Login scripts
Password management
Tracking user activites
User monitoring
User Permissions
User restrictions
User tracking
As we are having the following problem in the office (small company without an IT person) I was wondering if it is possible to find out when someone last logged on to their PC. System details Email: Exchange server (externally hosted) PC OS: XP Productivity SW: Office 2007 Issue Someone is logging on to a PC and looking through the mail archive saved to the local drive of the PC. They then change the time and date of the PC (using the tool that you get to by double clicking on the time at the bottom right of the screen) and send email that the PC's user has previously received or sent (mostly personal, but some business email as well). Because the PC is not logged on to Exchange these emails only wind up in the out box to be sent, rather than being sent immediately. They do however, wind up with a date and time stamp that reflects the changes that the person made. E.g. Even though they access the PC on Sat at 3pm, they change the dates to Monday at 9am and this is what is recorded on the emails in the out box. What happens next is that when the user of the PC next logs on to Exchange the emails in the out tray get sent without them noticing it. Because the person doing this changes the date and time to the time that the user will next be in the office it looks as though the user is sending these emails. We figure that if we can check when the PC has previously been used we may get a better idea of who is doing this. Any ideas would be great. Kind thanks

Answer Wiki

Thanks. We'll let you know when a new response is added.

You might want to try installing programs such as Track4Win or RemoteSpy for remote monitoring of the computer’s usage activity in real-time.

Good Luck!

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Dwiebesick
    Are you in a domain or workgroup? Is the computer running XP Home or XP Pro? Do you have password requirement to logon to your computers? If you are looking to find this information now, and did not have logging enabled, I don't think you will be able to determine who was logged on. However, you have not provided the necessary information to make this determination. Let us know more details and I can give you a better answer.
    2,235 pointsBadges:
  • Pjb0222
    First thing, have the user change their password to a strong password and make sure they do not write it down. Do you have security logging enabled on the system? If not, enable logging adding successful and failed logins to tracked events. This will let you know what IDs logged on when and who is messing with the system. Does everyone have local admin on systems? If so, then it they are bent on malicious activity, it will be hard to catch them. Restrict local admin access on the system in question and change the local administrator password. If you want, restrict access to the PST file so that only the proper user has access to the file. Once again, admin rights trumps all. If you are in an AD domain, ensure that successful and failed logins are tracked. This is tracked on the domain controller that the system connected to during login. That means you have to check the log of each domain controller.
    3,310 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: