/build/static/layout/Breadcrumb_cap_w.png

Detect Remote Desktop Login?

Any ideas on how to detect during login if the person is using Remote Desktop or locally logging in to the system?

0 Comments   [ + ] Show comments

Answers (3)

Posted by: williamp 14 years ago
Orange Belt
1
ORIGINAL: cessna

Any ideas on how to detect during login if the person is using Remote Desktop or locally logging in to the system?


If security auditing is enabled on the machine, a login event will get written to the Security event log. The Event ID for an RDP successful login seems to be 682.

WMI will read event logs. Take a look at this article at Microsoft for some nice code to embed in a WSH script if you like. You'd want to modify it to look for type "success" and event ID 682. For example, ("Select * FROM Win32_NTLogEvent WHERE Logfile = 'Security' AND EventType = 4 AND EventCode = 682") Here's the article:
http://www.microsoft.com/technet/scriptcenter/resources/qanda/oct04/hey1026.mspx

Hope this helps.

William

PS - Just saw your "never mind" reply, you must have written it as I was writing this one. Oh well....
Posted by: cessna 14 years ago
Senior Yellow Belt
0
Nevermind, I found a way.

The system variable %sessionname% will return Console if its local or RDP* if its remote.
Posted by: cessna 14 years ago
Senior Yellow Belt
0
Cool, another way to attack the problem though.

Thanks for the tip!
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ