As the person essentially in charge of desktop support for a field office of about 100 users, I occasionally receive a phone call from a corporate network administrator who wants to know who’s using all the bandwidth, or who is downloading viruses, or the like. Usually, they give me a NetBIOS name, and I take care of checking the user’s internet history and talking with them about their particular issue.
More frequently that that, I have to track down a user who is using a particular resource. For instance, this morning all of our available admin licenses for Alchemy (a document database) were in use, some by people who were idle for over an hour, and the person who really needed the license couldn’t get it. But Alchemy only gives you IP addresses, not computer names or user IDs. So I can use nbtstat to find the computer name from the IP address, but that’s still cumbersome. In the past, I have had to make a spreadsheet (and keep it up to date) of which user has which computer. It’s a good thing to have anyway, but I don’t need it for this process anymore.
Enter LoggedOn2. It’s a simple (and incredibly fast) Delphi program that will grab the logged on user on any given box, either via NetBIOS name or IP address. I tried a couple other alternatives, but this one was fastest and free. The others either didn’t work (as in a VBScript someone posted), were too slow (one was trying to scan the whole domain for computers), or were shareware. I don’t mind buying the shareware (and getting a 1.7 billion dollar company to drop 50 bucks for software isn’t hard) but this one works too well. No installation needed, either.
It is open source, so I did have a look at the source code. I don’t write any Delphi, but I have enough knowledge to try to guess what it’s doing. It looks like it checks the registry of the PC (under the HKEY_CURRENT_USER hive) for the domain ID of the user. You do need administrative privileges on the remote machine (which you should have, if you’re an administrator). It’s fast, simple, effective, and free. Here’s a few screenshots:
The main screen. Click Scan Machine to continue…
Input the PC name or IP address, or select a computer from the list of domain PCs (which I conveniently blotted out)
Output is the domain\username for the computer you entered (just like this screen, except instead of saying “domain\username” it would say “YourCompany\t_collins” or somethinglike that). You can also click “Scan Domain” (if you have a small domain) and get the logged on user for every box. This would make asset tracking especially easy as you could develop a list easily.
Other features that would be great would be a comma-delimited or Excel report of all domain PCs and logged on users. Especially great would be the ability to search by IP range so that I can grab only a few VLANs from our rather incredibly large domain. At some point I would like to port this to Python, just for fun and to help my understanding of Python programming.
One minor annoyance (it’s a help too, but it’s annoying) is that the program is (in Windows terminology) “always on top.” This is nice because I might be logged on to a server via RDP and need to grab an IP address from the server while switching back and forth between LoggedIn2 and the RDP session. On the other hand, you have to minimize the window to get your screen back (it conveniently minimizes to the system tray).
This program is a great example of what old-school “hacking” was. Make your own tool and use it to access the information you need. Ah, makes me feel all nostalgic.
You can download LoggedOn2 here. Does anyone have a similar program for Mac or *nix?