-->
Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016
Note: Windows Server 2012 combines DirectAccess and Routing and Remote Access Service (RRAS) into a single Remote Access role.
The management console on the Remote Access server can be used to generate a usage report for the remote clients that are accessing the server. To generate a usage report for remote clients, you first enable accounting on the Remote Access server. After you generate the report, you can use the monitoring dashboard that is available in the management console on the Remote Access server to view the load statistics on the server.
Note
You must be signed in as a member of the Domain Admins group or a member of the Administrators group on each computer to complete the tasks described in this topic. If you cannot complete a task while you are signed in with an account that is a member of the Administrators group, try performing the task while you are signed in with an account that is a member of the Domain Admins group.
To enable accounting on the Remote Access Server
- In Server Manager, click Tools, and then click Remote Access Management.
- Click REPORTING to navigate to Remote Access Reporting in the Remote Access Management Console.
- Click Configure Accounting in the Remote Access Reporting task pane.
- Select the Use inbox accounting check box to enable accounting on the Remote Access server.
- Click Apply to enable the accounting configuration on the server, and then click Close after the server has applied the configuration successfully.
Access Accounting Setup. Okay, I have alot of questions that I can't find answers to but here goes. I will start by explaining what I do have.
To generate the usage report
- In Server Manager, click Tools, and then click Remote Access Management.
- Click REPORTING to navigate to Remote Access Reporting in the Remote Access Management Console.
- In the middle pane, click dates in the calendar to select the report duration Start date: and End date:, and then click Generate Report.
- You will see the list of users that have connected to the Remote Access server within the selected time and detailed statistics about them. Click the first row in the list. When you select a row, the remote user activity is shown in the preview pane. Now select the Server Load Statistics tab in the preview pane to see the historical load on the server.Click the Server Load Statistics tab in the preview pane to see the historical load on the server.
Note
Understanding sessions
Remote Access accounting is based on the concept of sessions. In contrast to a connection, a session is uniquely identified by a combination of remote client IP address and user name. For example, if a machine tunnel is formed from the remote client, named Client1, a session will be created and stored in the accounting database. When a user named User1 connects from that client after some time passes (but the machine tunnel is still active), the session is recorded as a separate session. The distinction of sessions is to retain the distinction between machine tunnel and user tunnel.
Windows PowerShell equivalent commands
The following Windows PowerShell cmdlet or cmdlets perform the same function as the preceding procedure. Enter each cmdlet on a single line, even though they may appear word-wrapped across several lines here because of formatting constraints.
In the following script, change the date range for which you want a report in the -StartDateTime and -EndDateTime parameters.
-->Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016
Remote Access monitoring reports remote user activity and status for DirectAccess and VPN connections. It tracks the number and duration of client connections (among other statistics), and monitors the operations status of the server. An easy-to-use monitoring console provides a view of your entire Remote Access infrastructure. Monitoring views are available for single server, cluster, and multisite configurations.
Note: Windows Server 2012 combines DirectAccess and Routing and Remote Access Service (RRAS) into a single Remote Access role.
Note
In addition to this topic, the following topics on monitoring Remote Access are available.
In this guide
This document contains instructions for leveraging the monitoring capabilities of Remote Access by using the DirectAccess management console and the corresponding Windows PowerShell cmdlets, which are provided as part of the Remote Access server role.
The following monitoring and accounting scenarios are explained:
- Monitor the existing load on the Remote Access server
- Monitor the configuration distribution status of the Remote Access server
- Monitor the operations status of the Remote Access server and its components
- Identify and resolve Remote Access server operations issues
- Monitor connected remote clients for activity and status
- Generate a usage report for remote clients by using historical data
Understand monitoring and accounting
Before you begin monitoring and accounting tasks for remote clients, you need to understand the difference between the two.
- Monitoring shows actively connected users at a given point in time.
- Accounting keeps a history of users who have connected to the corporate network, and their usage details (for compliance and auditing purposes).
Remote client monitoring is based on connections. There are two types of tunnel connections that are established by DirectAccess clients:
- Machine tunnel traffic connections: This tunnel is established by the computer, in system context, to access servers that are required for name resolution, authentication, remediation updating, and so on.
- User tunnel traffic connections: This tunnel is established by the user account on the computer, in a user context, when the user tries to access a resource on the corporate network. Depending on the deployment requirements, a user might have to provide strong credentials (for example, by using a smart card or providing a one-time password) to access the corporate network resources.
For DirectAccess, a connection is uniquely identified by the IP address of the remote client. For example, if a machine tunnel is open for a client computer, and a user is connected from that computer, these would be using the same connection. In a situation where the user disconnects and connects again while the machine tunnel is still active, it is a single connection.