How to capture windows user login in Unix

**sicarie** · Jan 18 '11, 10:10 PM

The user logins and escalations should be kept in various /var/log files (I can't remember the specific ones AIX uses.

It should be a matter of ensuring your logging levels are high enough to capture the information you're looking for without overloading your storage, and then finding the right logs to match the user login with the command execution.

What are you using for logging right now?

**sightless** · Jan 20 '11, 06:57 AM

Hi,
Sorry for late reply; I was on leave.

To log in to unix, the user currently uses a common login profile to process some data by running shell scripts. There are options available to the user, he just select an option to run. Currently, there is no specific user profile for each user logs in the system. Once logged in, I can only capture the unix login, which is a common login. I lose trace of who runs what.

I am just wondering if there a way to allow my unix capture the windows login.

Thanks.
AK

**sicarie** · Jan 20 '11, 04:39 PM

I would HIGHLY recommend using separate Linux shell accounts and setting up something like LDAP to manage MS ActiveDirectory to Linux logins, however that's a suggestion.

How do the users connect? If it's via ssh then there's a log of what IP the user came in with at a specific time. Find the time the script was started, find the IP of the user who kicked it off, and check your network diagrams.

**sightless** · Jan 23 '11, 05:27 PM

Hi,

Yes, it is a good suggestion. I will try that, but I am not sure how far I may go with it. But I will give it a try.

Thanks a lot.

How to capture windows user login in Unix

How to capture windows user login in Unix

Comment

Comment

Comment

Comment