AdSysNet AD Logon Reporter
AdSysNet Active Directory Reporter is simple centralized application that helps
the Active Directory Administrators to track the users successful and failure logins
with exact reason.
The tool helps the Active Directory Administrators to find who logged in which workstations
on which time. The logon failures reports helps the Administrators to find the exact
reason for the logon failure (Invalid username or password/user is disabled, locked,
password or account expired/logon hours restriction or logon workstations restriction.
With the logon failures reports helps the Administrators to track the unauthorized
access on the Active Directory resources access.
Since AdSysNet AD Logon Reporter is a centralized application, it needs to be installed
in only one. A Client application is available for the Administrators to generate
the logon reports. The client application can be installed in all the admin workstations.
Before start generating the reports, the client application needs to connect the
exact logon service component.
The reports are generated from the Domain Controllers events. Default Domain Controllers
policy needs to have the appropriate settings enabled for both success and failure.
AdSysNet AD Logon Reporter provides the option to select the Domain Controllers
to gather the logon events.
Logon reports lists the following information for the Administrators to track the
particular users domain logins over the period,
- When logged on - Represents the date and time the user logged on
- Who logged on - Represents the user who logged on
- Where logged on - Represents the workstation name or IP address where the user logged
- How logged on - Represents the type of logon (Interactive, Remote-interactive, Network)
- Where authenticated - Represents the Domain Controller name where the user logon
Logon failure reports lists the following information for the Administrators to
track the exact reasons for the users logon failures over the period,
- When accessed - Represents the date and time the user log on occured.
- Who accessed - Represents the username that entered to logon.
- Where accessed - Represents the workstation name or IP address where the user tried
to log on
- How accessed - Represents the type of logon access (Interactive, Remote-interactive,
- Where failed - Represents the Domain Controller name where the user logon authentication
- What happened - Represents the exact logon error occured. (Invalid username or password,
account disabled or locked, logonhours or permitted workstation restriction, password
or account expired.)