Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Getting windows user name?

From: "Behm, Jeff" <jbehm () burnsmcd com>
Date: Thu, 9 Sep 2010 08:22:02 -0500
On Thursday, September 09, 2010 6:20 AM, ArkanoiD said:

Any chance to do that either

-- without netbios queries, via ldap
-- without requesting info from workstation itself, from AD directly?


It would appear there has to be some way to do it directly from AD as our Websense installation seems to be doing it.

Websense can be configured to poll AD directly and/or the workstations themselves to determine who is logged on (or at 
least, a close approximation of who last authenticated from a given PC).

We currently have Websense set up to only poll AD to get that information(leaving the workstations alone) and it builds 
an array of usernames -> IP address mapping(which you can dump out with one of their supplied tools(consoleclient.exe, 
for those with websense that might be interested)).

Therefore, I would say that there *has* to be some way to get the "last authenticated" username from a machine, 
directly from AD, if all you have is an IP address. 

I have not tried to dig into exactly where AD is keeping that information...

Jeff

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: