How to find out what user is logged on to a computer in the domain.

The story so far. Somebody is hammering one of the servers with smb requests to a share, that is located on another cluster node. You found that this requests are made from a workstation in a different location and you want to inform the user that they should double check their configuration. So how can you find out who is logged on to this system?

I found a vbs script in the Internet, written by a guy named Richard Mueller:

'nbtstat-a.vbs
'Thanks to Richard Mueller

Option Explicit
Dim strComputer, objWMIService, colProcesses, objProcess
Dim colProperties, strNameOfUser, strUserDomain

'Specify or prompt for remote computer.
strComputer = wscript.arguments(0)

Set objWMIService = GetObject("winmgmts:" _
   & "{impersonationLevel=impersonate,authenticationLevel=Pkt}!\\" _
   & strComputer & "\root\cimv2")
Set colProcesses = objWMIService.ExecQuery _
   ("SELECT * FROM Win32_Process WHERE Name = 'explorer.exe'")
For Each objProcess In colProcesses
   colProperties = objProcess.GetOwner(strNameOfUser, strUserDomain)
   Wscript.Echo "Owner of Explorer.exe on " & strComputer _
   & " is " & strUserDomain & "\" & strNameOfUser
Next

Safe the code as nbtstat-a.vbs and start it with:
 cscript nbtstat-a.vbs computername 

About Juergen Caris

I am 54yo, MSc(Dist) and BSc in Computer Science, German and working as a Senior Server Engineer for the NHS Lothian. I am responsible for the patient management system, called TrakCare. I am a UNIX/Linux guy, working in this sector for more than 20 years now. I am also interested in robotics, microprocessors, system monitoring, Home automation and programming.
This entry was posted in Windows. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>