A custom script has been written to audit lab log ins and log outs. This will be logged to an SQL database set in the script. The SQL account used in the script has been setup with write but not read access.
You can find the VBS script attached here 
Running Under UTAS Active Directory
To run this script under the UTAS domain link the "ITS-Lab Audit Script" to your Labs OU in your area. This can be done with the group policy management console.
- Open "Start" > "Control Panels" > "Administrative Tools" > "Group Policy Management"
- Browse to your Lab machine OU
- Right click on your Labs machine OU
- Select "Link an existing GOP..."
- Chose "ITS-Lab Audit Script"
- Click "OK"
This will take affect next time you restart your machines
Running Under Faculty Active Directory
To run this script under your faculty's Active Directory create a group policy for this script and add the script to the correct folder.
- Open "Start" > "Control Panels" > "Administrative Tools" > "Group Policy Management"
- Browse to your Lab machine OU
- Right click on your Lab machine OU
- Select "Create and Link a GPO Here..."
- Give this policy a descriptive name (Lab Audit Script)
- Right click on the newly created policy and select "Edit..."
Turn on Group Policy Loopback Processing Mode
- Expand "Computer Configuration" > "Administration Templates" > "System"
- Select "Group Policy"
- Double click on "User Group Policy loopback processing mode"
- Select "Enabled"
- Set "Mode" to "Merge"
- Click "OK"
Enable the Logon script
- Expand "User Configuration" > "Windows Settings"
- Select "Scripts (Logon/Logoff)"
- Double click "Logon"
- Click "Add..."
- Set "Script Name" to "LabUsageAudit.vbs"
- Set "Script Parameters" to "Logon"
- Click "OK"
- Click "Show Files..."
- This will open a Windows Explorer window copy the "LabUsageAudit.vbs" script to the new window
- Cloce the Windows Explorer window
- Click "OK"
Enable the Logoff script
- Expand "User Configuration" > "Windows Settings"
- Select "Scripts (Logon/Logoff)"
- Double click "Logoff"
- Click "Add..."
- Set "Script Name" to "LabUsageAudit.vbs"
- Set "Script Parameters" to "Loggoff"
- Click "OK"
- Click "Show Files..."
- This will open a Windows Explorer window copy the "LabUsageAudit.vbs" script to the new window
- Cloce the Windows Explorer window
- Click "OK"
Close the "Group Policy Object Editor" window
To Link this script to other OUs
- Open "Start" > "Control Panels" > "Administrative Tools" > "Group Policy Management"
- Browse to your Lab machine OU
- Right click on your Labs machine OU
- Select "Link an existing GOP..."
- Chose the policy created above
- Click "OK"
This will take affect next time you restart your machines
Running Under Novell
About
We use a User Policy and Workstation Policy package to set up the following events
- At System startup - runs the SetWORKSTATION_DN.vbs which creates an environment variable named WORKSTATION_DN variable with the lab OU and ip address
- At User Login - runs LabUsageAudit.vbs which logs the time, user name and other information with the "Logon" parameter
- At User Logoff - runs LabUsageAudit.vbs which logs the time, user name and other information with the "Logoff" parameter
|
Add Action Items to an existing Global Lab User and Workstation Policy Package or Create new Global Lab user and Workstation Policy Packages
Goto an existing User Policy Package or create one:
LogOn
- Right click "Properties" > Policies Tab > Add
- Name the Policy name "Audit_LogON" > Click "OK"
- With the new Policy Item selected > Click "Properties" > "Actions" Tab > "Add"
- Name: cmd
- Grab the script here and place it on a Zen share
- Parameters: /c wscript \\UNC_SERVER\scripts\LabUsageAudit.vbs Logon
- Click "OK"
- Select "Policy Schedule" Tab
- Policy schedule type: "Event"
- Run this policy when the following event happens: "User logon"
- Click "Advanced Settings.."
- Fault Tab > Select "Ignore the error and reschedule normally"
- Select "Impersonation" tab > Select "Interactive user" > Press "OK"
- Press "Apply"
LogOff
- Right click "Properties" > Policies Tab > Add
- Name the Policy name "Audit_LogOFF" > Click "OK"
- With the new Policy Item selected > Click "Properties" > "Actions" Tab > "Add"
- Name: cmd
- Grab the script here and place it on a Zen share
- Parameters: /c wscript \\UNC_SERVER\scripts\LabUsageAudit.vbs Logoff
- Click "OK"
- Select "Policy Schedule" Tab
- Policy schedule type: "Event"
- Run this policy when the following event happens: "User logoff"
- Click "Advanced Settings.."
- Fault Tab > Select "Ignore the error and reschedule normally"
- Select "Impersonation" tab > Select "Interactive user" > Press "OK"
- Press "Apply"
Goto an existing Workstation Policy Package or create one:
Set Workstation OU Environment variable
- Right click "Properties" of the Policy Package > Policies Tab > Add
- Name the Policy name "Set_wsid" > Click "OK"
- With the new Policy Item selected > Click "Properties" > "Actions" Tab > "Add"
- Name: cmd
- Grab the script here and place it on a Zen share
- Parameters: /c wscript \\UNC_SERVER\scripts\SetWORKSTATION_DN.vbs
- Click "OK"
- Select "Policy Schedule" Tab
- Policy schedule type: "Event"
- Run this policy when the following event happens: "System startup"
- Click "Advanced Settings.."
- Fault Tab > Select "Ignore the error and reschedule normally"
- Select "Impersonation" tab > Select "System" > Press "OK"
- Press "Apply"
This will take 2 restarts before taking full effect.
Check that the new policy actions appear by looking in the Display Scheduler > Click "Refresh"
ACTION
- Set_Audit_WSID - is set in the XP_PCRDist_Startup_Pol_Pak_ITR
- AUDIT_LogOff - is set in the Mandatory Student User PolPak-HBT
- AUDIT_LogOn - is set in the Mandatory Student User PolPak-HBT
|
