In a multiple domain controller environment it may be difficult to identify which DC processed a particular user logon event. This article guides the administrator in how to enable logon event logging on DCAgents which may help to troubleshoot 'guests' issues.
echo %logonserver%
1. Type of event (Logon)
1. Domain and username (Vlad-AD\Administrator)
3. Station name (Vlad-VS)
4. resolved station IP address (workstation IP: 192.168.1.121)
Configuration
dcagentlog.txt sample
02/17/2010 18:13:41.158: processing Logon (level=1) VLAD-AD\Administrator (Administrator) from VLAD-VS
Domain:VLAD-AD DNS suffix added:vlad-ad.local.
workstation IP:192.168.1.121
02/17/2010 18:13:41.158: finish processing.
02/17/2010 18:13:42.377: processing Logon (level=2) VLAD-AD\Administrator (Administrator) from VSBS2003
Domain:VLAD-AD DNS suffix added:vlad-ad.local.
workstation IP:192.168.1.240
02/17/2010 18:13:42.377: finish processing.
02/17/2010 18:13:42.377: processing Logon (level=2) VLAD-AD\Administrator (Administrator) from VSBS2003
Domain:VLAD-AD DNS suffix added:vlad-ad.local.
workstation IP:192.168.1.240
02/17/2010 18:13:42.377: finish processing.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.