Re: Attributes that Update during Computer logon
- From: RayRay <RayRay@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 3 Jun 2008 11:06:00 -0700
Thank you very much for your response. 3 additional questions.
You mention that the computer may request its password to be reset, will the
object request this automatically based on the 14 days password policy and
how much time is left before expiring?
Also, in reviewing the attributes for a Computer object (using an LDAP
browser) I noticed multiple attributes named "dsCorePropagationData" that
appear to be dates as well. Any idea what these are and if I would need to
update them to simulate a logon? Microsoft lists it as "Internal Use only."
Finally you mentioned that "lastLogon" was not replicated but is the
"lastLogonTimestamp" attribute? If I am not mistaken "User" objects have
this same attribute and it is replicated every 14 days. Will the "Computer"
objects' "lastLogonTimestamp" function the same way?
Your assistance is greatly appreciated.
Thanks
Ray
"Richard Mueller [MVP]" wrote:
Ray wrote:
Hello, my company has a lot of field sales users that are completely
disconnected from the Corporate network outside of logging into our VPN
solution. I am trying to script the necessary updates to their Computer
objects when they log in to the VPN. Can someone please help me to identify
what attributes for a Computer object are updated upon login? Even better
would be a complete end to end documentation describing all steps to the
logon process including the attributes that are updated in the directory.
When the computer authenticates to the domain, the following attributes of
the computer object are updated on the DC that authenticates:
lastLogon
logonCount
Neither of these is replicated to other DC's. The lastLogon is Integer8, a
64-bit value representing the date/time. The logonCount attribute is an
integer that is incremented.
In addition, if the client computer requests that the password be reset (I
think the default is every 14 days), the pwdLastSet attribute is updated.
This attribute is also Integer8 and is replicated.
This also holds for user objects, although the badPasswordTime and
badPasswordCount attributes can also be updated. Neither is replicated to
other DC's.
All of these attributes are updated by the system. I don't believe you can
modify lastLogon, but documentation indicates that members of Domain Admins
can update logonCount (I have not tried).
--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
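
Added example, not part of the original posts: because lastLogon is an Integer8 value that each DC keeps for itself and does not replicate, an inventory of computer accounts has to decode the value from every DC and take the newest one. The DC names, computer names and sample values below are constructed, and the idle threshold is a caller-supplied assumption.

```python
from datetime import datetime, timedelta, timezone

# Integer8 timestamps count 100-nanosecond ticks since 1601-01-01 UTC.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def integer8_to_datetime(value):
    """Decode an Integer8 timestamp; 0 or a missing value means 'never'."""
    if value is None or int(value) == 0:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=int(value) // 10)

def datetime_to_integer8(dt):
    """Encode an aware datetime as Integer8 using integer arithmetic only."""
    delta = dt - FILETIME_EPOCH
    return (delta.days * 86400 + delta.seconds) * 10**7 + delta.microseconds * 10

def effective_last_logon(per_dc):
    """lastLogon is per-DC, so the real last logon is the newest value on any DC."""
    stamps = [t for t in map(integer8_to_datetime, per_dc.values()) if t]
    return max(stamps) if stamps else None

def stale_computers(records, now, max_idle_days):
    """Names whose newest lastLogon across all DCs is older than the threshold."""
    cutoff = now - timedelta(days=max_idle_days)
    stale = []
    for name, per_dc in records.items():
        last = effective_last_logon(per_dc)
        if last is None or last < cutoff:
            stale.append(name)
    return sorted(stale)

# Constructed sample: raw lastLogon values as read from two hypothetical DCs.
NOW = datetime(2008, 6, 3, 18, 0, tzinfo=timezone.utc)
SAMPLE = {
    # Looks idle on dc1 only; the VPN logon was handled by dc2.
    "LAPTOP-A$": {"dc1": datetime_to_integer8(NOW - timedelta(days=90)),
                  "dc2": datetime_to_integer8(NOW - timedelta(days=2))},
    # Old on dc1, never authenticated against dc2.
    "LAPTOP-B$": {"dc1": datetime_to_integer8(NOW - timedelta(days=120)),
                  "dc2": 0},
    # Never authenticated anywhere.
    "LAPTOP-C$": {"dc1": 0, "dc2": None},
}

if __name__ == "__main__":
    for name in stale_computers(SAMPLE, NOW, max_idle_days=60):
        print(name, effective_last_logon(SAMPLE[name]))
```

Querying a single DC would report LAPTOP-A$ as idle for 90 days, which is the failure mode the non-replicated attribute causes in stale-account cleanups.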