PowerShell search for computer name using logged-in UserName in the domain

Welcome Forums General PowerShell Q&A PowerShell search for computer name using logged-in UserName in the domain

Viewing 1 reply thread
  • Author
    Posts
    • November 23, 2020 at 4:38 am #273343
      HosamAlharbi34
      Participant
      Topics: 1
      Replies: 0
      Points: 12
      Rank: Member

      I need help

      I want to search with Powershell for computer name using logged-in UserName in the domain

      example of searching logged name using the computer name

      Get-WmiObject -Class win32_computersystem -ComputerName C0000169 | select username

      How can I Reverse it?

    • November 23, 2020 at 10:23 am #273409
      Rob Simmers
      Participant
      Topics: 17
      Replies: 1951
      Points: 3,988
      Helping Hand
      Rank: Community Hero

      First, would argue that Win32_ComputerSystem is not really the best method to see current sessions are on system. Reversing isn’t that simple. First thought is you would need to get DomainController audit information. Typically, this type of audit is used to see where someone is logged in when their account is being locked out. This requires an audit of every domain controller for event 4624 in the eventlog:

      https://www.netwrix.com/how_to_get_user_login_history.html

  • Author
    Posts
Viewing 1 reply thread
  • You must be logged in to reply to this topic.