Hi, I'm trying to write a script to log the IP address of the Windows client from which the user initiated Remote Desktop to log in to the Windows Server. How can I capture the IP address of the client on the server?

+2  A: 

So, you ignore proxy...

  • Using the environment variable CLIENTNAME: in a domain you can resolve it back to an IP address.

Without a domain controller:

  • Using a WMI script you can get to the Event Log, source: Security; look for the category Logon/Logoff where the username = environment variable USERNAME.
Dewfy
+1  A: 

If you are using PowerShell or a .NET language, the trunk version of the Cassia library supports this -- you'd just need to check it out and build it yourself. To print the remote addresses of all sessions on the local server, you might use something like the following:

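// Needs these namespaces at the top of the file: System, System.Net, Cassia.
ITerminalServicesManager manager = new TerminalServicesManager();
foreach (ITerminalServicesSession session in manager.GetLocalServer().GetSessions())
{
    // RemoteEndPoint is cast with "as", so it is null when it is not an IPEndPoint.
    IPEndPoint ipEndPoint = session.RemoteEndPoint as IPEndPoint;
    if (ipEndPoint != null)
    {
        Console.WriteLine(ipEndPoint.Address);
    }
}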

I'll edit this later when the next version of Cassia is released.

Dan Ports
A: 

If you want to use "pure" PowerShell 2.0:

# The here-string opener @' must end its line and the terminator '@ must start a line.
$Wtsapi32 = @'
using System;
using System.Text;
using System.Runtime.InteropServices;

namespace Wtsapi32 {

public enum WTS_INFO_CLASS
{
    WTSInitialProgram,
    WTSApplicationName,
    WTSWorkingDirectory,
    WTSOEMId,
    WTSSessionId,
    WTSUserName,
    WTSWinStationName,
    WTSDomainName,
    WTSConnectState,
    WTSClientBuildNumber,
    WTSClientName,
    WTSClientDirectory,
    WTSClientProductId,
    WTSClientHardwareId,
    WTSClientAddress,
    WTSClientDisplay,
    WTSClientProtocolType
};

[StructLayout(LayoutKind.Sequential)]
public struct WTS_CLIENT_ADDRESS
{
    public uint AddressFamily;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 20)]
    public byte[] Address;
}

public class PS {

    // IntPtr cannot be declared const in C#, so this is static readonly.
    public static readonly IntPtr WTS_CURRENT_SERVER_HANDLE = IntPtr.Zero;
    public const int WTS_CURRENT_SESSION = -1;

    [DllImport("wtsapi32.dll", EntryPoint="WTSQuerySessionInformation")]
    public static extern bool WTSQuerySessionInformation(
        System.IntPtr hServer,
        int sessionId,
        WTS_INFO_CLASS wtsInfoClass,
        out System.IntPtr ppBuffer,
        out uint pBytesReturned);

    // Frees the buffer that WTSQuerySessionInformation returns in ppBuffer.
    [DllImport("wtsapi32.dll", EntryPoint="WTSFreeMemory")]
    public static extern void WTSFreeMemory(
        IntPtr memory);
}

}
'@

# Compile the C# definitions so they can be called as [Wtsapi32.PS]::...
Add-Type -TypeDefinition $Wtsapi32

Remko
I get an "UnrecognizedToken" error when I execute this in PowerShell.
Jeremy
Are you sure you used the complete code, since a few lines seem to fall out of the code block?
Remko
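
The answer above stops after defining the types. As an added example (not part of any answer on this page), this is one way to call WTSQuerySessionInformation with WTSClientAddress and decode the returned WTS_CLIENT_ADDRESS into a record suitable for a logon log; the names Native.Wts and Get-RdpClientAddress are hypothetical, and only IPv4 is decoded.

```powershell
# Added example; Native.Wts and Get-RdpClientAddress are hypothetical names.
$src = @'
using System;
using System.Runtime.InteropServices;
namespace Native {
  [StructLayout(LayoutKind.Sequential)]
  public struct WTS_CLIENT_ADDRESS {
    public uint AddressFamily;
    [MarshalAs(UnmanagedType.ByValArray, SizeConst = 20)]
    public byte[] Address;
  }
  public static class Wts {
    public const int WTS_CURRENT_SESSION = -1;
    public const int WTSClientAddress = 14;  // position in WTS_INFO_CLASS
    [DllImport("wtsapi32.dll")]
    public static extern bool WTSQuerySessionInformation(IntPtr hServer,
      int sessionId, int infoClass, out IntPtr ppBuffer, out uint pBytesReturned);
    [DllImport("wtsapi32.dll")]
    public static extern void WTSFreeMemory(IntPtr memory);
  }
}
'@
Add-Type -TypeDefinition $src

function Get-RdpClientAddress {
  param([int]$SessionId = [Native.Wts]::WTS_CURRENT_SESSION)
  $buf = [IntPtr]::Zero
  $len = [uint32]0
  # IntPtr.Zero is WTS_CURRENT_SERVER_HANDLE, i.e. the local server.
  $ok = [Native.Wts]::WTSQuerySessionInformation([IntPtr]::Zero, $SessionId,
          [Native.Wts]::WTSClientAddress, [ref]$buf, [ref]$len)
  if (-not $ok) { throw "WTSQuerySessionInformation failed for session $SessionId" }
  try {
    $a = [Runtime.InteropServices.Marshal]::PtrToStructure(
           $buf, [type][Native.WTS_CLIENT_ADDRESS])
    $ip = $null
    # AF_INET (2): the four IPv4 bytes sit at offset 2 of Address.
    if ($a.AddressFamily -eq 2) { $ip = ($a.Address[2..5]) -join '.' }
    # Other families (0 = no remote client, e.g. console) are left undecoded.
    New-Object PSObject -Property @{
      Time = (Get-Date).ToString('s'); SessionId = $SessionId
      AddressFamily = $a.AddressFamily; ClientIP = $ip
    }
  } finally {
    [Native.Wts]::WTSFreeMemory($buf)   # buffer is allocated by wtsapi32
  }
}

Get-RdpClientAddress | Format-List
```

The address returned here is the one the RDP client reports about itself, so behind NAT it can differ from the address that actually connected to the server. For an audit trail, record it alongside the Security event log logon entries rather than in place of them.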