LDAP (Active Directory) and user statuses

LDAP (Active Directory) and user statuses

Baruch Shpirer baruch at shpirer.com
Fri Jun 1 19:46:15 IDT 2012 

You have last login, but not sure it would be much usefull to what you are
trying to accomplish here

On Fri, Jun 1, 2012 at 11:53 AM, ik <idokan at gmail.com> wrote:

> On Fri, Jun 1, 2012 at 4:41 PM, Baruch Shpirer <baruch at shpirer.com> wrote:
>
>> You can run some syslog for windows daemon on your dcs and redirect to
>> some linux syslog daemon and parse security events for login
>>
>> Last login record in the ldap will not help you much
>>
>> Baruch
>>
>> shimi <linux-il at shimi.net> wrote:
>>
>>
>>
>> On May 31, 2012 6:14 PM, "ik" <idokan at gmail.com> wrote:
>> >
>> > Hello,
>> >
>> > I need to write an application (on Linux) that checks with Active
>> Directory if a user is logged in, and few other details about that user.
>> > The only thing I do not understand, is how can I check if a user has
>> logged in or not.
>> >
>> > Does anyone have any experience with this issue and can shed some
>> light, or point me to a good documentation on the subject ?
>> >
>> > Thanks,
>> > Ido
>> >
>>
>> AFAIK, AD doesn't "know" a user is "logged in", because AD is not a login
>> service, rather than an information source (e.g. *can* you login or not
>> with the credentials provided). Also, you may be logged in to multiple
>> stations on the domain... which one is the important to you? How would it
>> know?
>>
>> You need workstations/server level info, not AD, IMHO.
>>
>> For example you could query NetBIOS via nbtstat -A ipaddr from a remote
>> windows machine... there should be samba equivalent (don't remember by
>> heart, sending this from my sgs2)
>>
>> Hope this helps...
>>
>
> Thank you both, I'm thinking in forcing the DC to add me a property of
> "login" with boolean field or something like that, because as I understand,
> they do know if a user is logged in.
> For me the number of logins is not important, only that they are logged in
> somewhere.
>
>
>> -- *Shimi*
>>
> Ido
>
>
>
>> On May 31, 2012 6:14 PM, "ik" <idokan at gmail.com> wrote:
>>
>>> Hello,
>>>
>>> I need to write an application (on Linux) that checks with Active
>>> Directory if a user is logged in, and few other details about that user.
>>> The only thing I do not understand, is how can I check if a user has
>>> logged in or not.
>>>
>>> Does anyone have any experience with this issue and can shed some light,
>>> or point me to a good documentation on the subject ?
>>>
>>> Thanks,
>>> Ido
>>>
>>> _______________________________________________
>>> Linux-il mailing list
>>> Linux-il at cs.huji.ac.il
>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>>
>>>
>


-- 

Thanks and best regards



Baruch Shpirer
Cell (IL)     +972 52 602 6643
Cell (CA)   +1 647 898 7602
Skype       baruch_shpirer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20120601/d0157f13/attachment.html>

More information about the Linux-il mailing list