LDAP (Active Directory) and user statuses
shimi
linux-il at shimi.net
Fri Jun 1 19:16:18 IDT 2012
On Fri, Jun 1, 2012 at 6:53 PM, ik <idokan at gmail.com> wrote:
> Thank you both, I'm thinking in forcing the DC to add me a property of
> "login" with boolean field or something like that, because as I understand,
> they do know if a user is logged in.
> For me the number of logins is not important, only that they are logged
> in somewhere.
>
>
A typical Microsoft configuration would have more than one domain
controller. In large organizations, you could have 20 of them. Not all of
their data is necessarily synchronized (and clients contact DC's pretty
much randomlly, either globally in the org, or within a Site, if that is
configured "right"), and even when they do, this is not always in real
time, there could be significant delays.
Let's assume you manage to know that someone logged in.
How do you know he logged out?
If he turned off his computer, will he remain logged in forever?
Points to take... (maybe you're trying to find the wrong solution to the
problem, which I don't even know what is it?)
-- Shimi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20120601/2cf261e9/attachment-0001.html>
More information about the Linux-il
mailing list