# View users who have logged into my computer



## goatee (Oct 25, 2006)

I have Windows XP Professional on a computer networked into a Windows 2003 network.

Is there a way I can determine who has logged into this machine besides me?

I have tried Administrative Tools-Computer Management-Event Viewer-Security, and can sort by user, BUT - some of the users it lists make no sense, and the detail it lists when double-clicking on an event is gobbelty-**** to me. 

Is there a better way to determine successful logins to this machine?

Thanks


----------



## erick295 (Mar 27, 2005)

If you go to C:\Documents and Settings, there should be a folder for each user that has logged on.


----------



## DoubleHelix (Dec 10, 2004)

Those folders can be deleted by anyone with administrator rights.


----------



## goatee (Oct 25, 2006)

Also, for some specific application needs - I have found out that if (on our network) you know a person's IP address - that you can use IE to access others' hard drives.

-Which means that you can literally navigate others hard drives *without* having to "log in" to the machine. Not A Good Design! Accessing a machine this way would not create a folder under Documents and Settings.

Any other ideas?


----------



## Squashman (Apr 4, 2003)

You can setup Audit Policies for this. You can Audit Account Logon Events and Audit Logon Events. Just setup the policy.

You could also setup a little batch file in their login script. We did this at the school district I worked for. The login script would write to two files. One with the computer name and one with the username. It kept track of that stuff very nicely for us.


----------



## erick295 (Mar 27, 2005)

goatee said:


> Also, for some specific application needs - I have found out that if (on our network) you know a person's IP address - that you can use IE to access others' hard drives.
> 
> -Which means that you can literally navigate others hard drives *without* having to "log in" to the machine. Not A Good Design! Accessing a machine this way would not create a folder under Documents and Settings.
> 
> Any other ideas?


That sounds like a permissions issue. You shouldn't be able to access the drive unless it's shared.


----------



## valis (Sep 24, 2004)

I think what goatee is stating is that he is concerned about people going to start > run > his ip address, and having access to his folders there, as he is a member of a domain.

Is that accurate, goatee?


----------



## goatee (Oct 25, 2006)

Actually, what I saw happening was a person getting into Windows Explorer, typing in \\ip-address\c$, and having complete access to another's hard drive. -scary-


----------



## valis (Sep 24, 2004)

that's what I meant. I use it dozens of times daily here, when I need to either get something off a users machine, or place something on a users machine.....beats copying it to a usb, then walking to that machine and uploading it.

you can also just type in the the computer name, a la \\mycomputer\c$ and get there, IF the permissions are set.


----------



## Squashman (Apr 4, 2003)

http://www.petri.co.il/disable_administrative_shares.htm


----------

