This isn't immediately available or easy to achieve, as a user object does
just what you've said - logs onto the *computer*. You logon to a computer
using your domain credentials, therefore a domain controller authenticates
you and the Kerberos system provides your account with an authorisation
ticket. You use this to logon to the computer. This information isn't
really stored anywhere (a cache in volatile memory on the computer in
question only). Logon auditing events can be written to the security log of
the domain controller in question, but that's about it. If you want a store
of this information you'll have to write it yourself. Although you can
probably download and install LimitLogon, and modify the code (logon and
logoff scripts) so that this information is logged; as opposed to the
default behaviour of the application - stopping you logging on.
--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net