Remote Control (VNC) - usage logging

Which VNC are you using? We don't use it much but I do have some installs of UltraVNC on our computers. UltraVNC does make an entry in the windows event log (application log, source = UltraVnc) whenever someone connects. If you are using a different flavor of VNC that does not log, perhaps you should consider switching.

Perhaps I misread the original issue as I assumed it had to do with using the 'Remote Control' link via the actions bar.

That script logs who clicked the link, when they clicked it, and what PC it's trying to connect to.

It really doesn't matter what the action is really doing. As you can see in the WshShell.Run line you can put anything in there you want. If you choose to you can change the run command to anything that the actions do.

I'll edit it and put in comments to make it more clear.

-Sal

With the script you have, you are able to log who uses VNC? Is that the VNC only through Lansweeper? Because if they have downloaded the VNC to there machine however, its attached to the same domain, would that still log or only if they access it through lansweeper?

*This is really awesome!!!

You could just script the action and log it each time. Problem is, if your people are smart they could go in and edit the logs, but if they were smart they wouldn't be abusing a remoting software. And if they do prove to be smart, instead of writing the information to a log you could code it to e-mail you each time they use it.

remotecontrol.vbs {computer}

If WScript.Arguments.Count = 1 Then
	'Bring in target computer name
	strRemoteComputer= WScript.Arguments(0)
	'Grab the data and time of calling the script
	strDate = Date()
	strTime = Time()
	
	strComputer = "."

	Dim WshShell
	Dim objFSO
	Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
	Set WshShell = WScript.CreateObject ("WSCript.shell")
	Set objFSO= CreateObject("Scripting.FileSystemObject")
	Set objText = objFSO.OpenTextFile("\\LansweeperServer\LansweeperShare$\logs\lsremotelog.txt", 8, True)
	Set colItems = objWMIService.ExecQuery("Select * From Win32_ComputerSystem")

	'Find the username of the person clicking the link
	For Each objItem in colItems
		strUser = objItem.UserName
	Next

	'Write the log entry with Date, Time, User, and Target PC
	objText.WriteLine(strDate & " " & strTime & " " & strUser & " " & strRemoteComputer)
	objText.Close
	
	'Run your command
	WshShell.run("\\LansweeperServer\LansweeperShare$\lsremote.exe " & strRemoteComputer)

End If

-Sal

P.S. Change file paths to something that actually works, and note that the lansweeper share isn't writable so you may want to put the log folder somewhere else.

NetworkTech wrote:
How do I track who is using Remote Control (VNC) and which machines they’re attaching two?

This is not currently possible. Only those with administrative privileges on the target machines can remote control them however.