Recent Posts

Tags

News

  • Search

    <input class="BlogSearch" type="text" name="searchBox" id="blogSearchText" value="" onkeypress="return blogSearch(event, this);"> <input type="button" value="Search" onclick="return blogSearch2('blogSearchText');" class="BlogSearchButton"> <script type="text/javascript"> function blogSearch(event, oInput) { var keyCode = (event) ? event.keyCode : keyStroke.which; if (keyCode == 13) { top.location = 'http://www.google.com/search?q=' + escape(oInput.value) + '+inurl%3Ajavier+site%3Amsmvps.com'; return false; } return true; } function blogSearch2(oInputId) { var oInput = document.getElementById(oInputId); top.location = 'http://www.google.com/search?q=' + escape(oInput.value) + '+inurl%3Ajavier+site%3Amsmvps.com'; return false; } </script>

Community

Email Notifications

SBS Blogs

Helpful Sites

Archives

Javier's SBS Wonderland

Take the red pill and see how far down the rabbit hole goes...

LimitLogin - Tool to limit and monitor concurrent logins in a domain

A couple of people in the past have asked how to prevent users from logging more than 1 time (or x number of times) on different devices across the network. I stumbled accross this tool which seems like it does exactly that better than the old CConnect.exe (also some other nice features):

LimitLogin v1.0

 LimitLogin is an application that adds the ability to limit concurrent user logins in an Active Directory domain. It can also keep track of all logins information in Active Directory domains.

 LimitLogin capabilities include:

·         Limiting the number of logins per user from any machine in the domain, including Terminal Server sessions.

·         Displaying the logins information of any user in the domain according to a specific criterion (e.g. all the logged-on sessions to a specific client machine or Domain Controller, or all the machines a certain user is currently logged on to).

·         Easy management and configuration by integrating to the Active Directory MMC snap-ins.

·         Ability to delete and log off user session remotely straight from the Active Directory Users and Computers MMC snap-in.

·         Generating Login information reports in CSV (Excel) and XML formats.

LimitLogin grants System Administrators, Help Desk staff or any other IT-related personnel the ability to quickly query for any user logged on to the domain and view the machines they’re currently logged on to, while enabling the above list of features and management tasks to be performed on those user sessions.

Note: As far as I can tell this only works with Win2k3 domains and the clients must be running Win2k or XP. You can download the tool here.

 

Posted: Mar 14 2005, 06:54 PM by Javier | with 14 comment(s)
Filed under: , ,

Comments

Javier said:

I was catching up this morning to Susan's blog. I SWEAR that when I posted this I had no idea that Susan posted it before me!

http://msmvps.com/bradley/archive/2005/03/14/38541.aspx

Great minds think alike? or what? :-)
# March 15, 2005 8:34 AM

Javier said:

wow
# April 7, 2005 7:52 AM

Javier said:

ddd
# April 7, 2005 7:53 AM

Javier said:

To my opinion, the only good side of LimitLogin is that it is free...
But it is far too cumbersome to install and administer to meet the requirements of a serious organization when it comes to properly manage user sessions.

As far as I am concerned, I use a 3rd-party tool named UserLock (http://www.userlock.com) and even if it costs around 2 or 3$ par workstation it is really worth it!
# May 3, 2005 8:39 AM

Javier said:

Sounds like a cool tool... I will check it out! Thanks!
# May 3, 2005 8:42 AM

Javier said:

Hi,



I‘m trying to install limitlogin on one of my servers. I prepared this server regarding all of the prerequisites written in chm of limitlogin.



1)First of all, I prepared a new W2k3 wSP1 server with all updates.

2)Then I configured this server as a dc in a new forest.

3)Then, I configured it as an IIS Server. (with ASP.NET)

4)There is no problem with IIS installation of LimitloginIISSetup.

5)After installing LimitloginIISSetup, I restarted the server.

6)Then I double-clicked on LimitloginADSetup.

7)I selected to install limitlogin for everyone who logs on to this computer

8)Then checked the three boxes (Prepare AD Forest, Domain for limitlogon).

9)There is no problem with extending Schema.

10) Then, i create a new folder in c:\ for login and logoff script and share it to all authenticated users in domain.

11)Then, write it into Script Share Folder (\\Servername\share)

12) Write the name of the IIS server (same server) and click next.



Then I get an error message:



“The remote server returned an error: (401) Unauthorized”



I did not change any permission on IIS settings. J



What can be the problem?



Thanks for your help…





Burak YANIKOGLU

E-Mail: burak.yanikoglu@itu.edu.tr

# June 15, 2005 12:41 PM

Javier said:

@ Burak YANIKOGLU

you have to allow directory browsing in preferences of WSLimitLogin in IIS mmc. Also you have to allow writing the folder. then it will work.
# July 18, 2005 11:57 AM

TrackBack said:

LimitLogin - Tool to limit and monitor concurrent logins in a domainooeess
# July 22, 2005 12:04 AM

TrackBack said:

LimitLogin - Tool to limit and monitor concurrent logins in a domainooeess
# August 2, 2005 7:56 PM

Javier said:

This is a 2 part message. Part 1 is a problem that I'm having; Part 2 is a solution to a problem that I and another user (Burak) had.

1. I've gotten LimitLogin installed on the server and the clients. However, at both login and logoff I receive the following error message twice.
"Windows Script Host: SOAP object creation failed. Have you run the LimitLogin client setup? Here are the details: ActiveX component can't create object."
I know that these errors are coming from the logon/logoff scripts provided with the LimitLogin files, but I can't determine why I'm getting them.



2. Burak: I had the same problem. The fix for me was to set a method for authenticated access. Open IIS Manager, go to the website item (mine was just Default Web Site), right-click on it and select Properties. On the Directory Security tab, click on the Edit button in the "Authentication & access control" section. Select your method(s) for authenticated access.

# August 22, 2005 10:16 AM

Javier said:

Hi,
does anyone know if this tool needs to make or will make changes to the AD schema?
# September 13, 2005 11:04 AM

Javier said:

I installed LimitLogin successfully on a Win2003 server, and the clients running on the workstations.
However, when the users configured for login logged in the workstations it did not limit the login quotas, checking on the server reviewed the Total number of Logins: 0
When the Event logs were checked on the workstations, the Soap error : Maximum retry on the connection exceeded apeared.
Looks like something is wrong with the IIS web service and the clients cannot communicate with it! I tried running the LimitLogin IIS on different Web servers and modifying the limitlogin.wsdl to point to it but the results were the same.

Is there anything specific needs to be done on the web servers? Anyone has any ideas??
# November 11, 2005 3:29 AM

Javier said:

I have the same problem, keep getting the following messages in the application event log....

1:
Soap error: Maximum retry on the connection exceeded..

2:
Soap error: An unanticipated error occurred during the processing of this request..

3:
Soap error: Sending the Soap message failed or no recognizable response was received.

4:
Soap error: Unspecified client error..

...every time I run the llogin.vsb script..

I had no problems during installation...

What could be wrong?
# November 22, 2005 2:09 AM

Ace Fekay's Active Directory, Exchange and Windows Infrastructure Services Blog said:

================================================================== Folder Redirection === By Ace Fekay

# September 8, 2009 11:39 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)