Active Directory mISV

Saturday, February 25, 2006

All about Active Last Logon

I'm sure many of you who see this blog aren't necessarily that familiar with Active Directory so I decided to post more about what Active Last Logon does and how the decision to create this product came about.

So in brief words Active Directory is a database of users, resources and ACL's giving access to the resources. It also handles Authentication and Authorization. Now there is plenty more to it such as workstation management, but for our purposes today that is enough.

Administrators typically use a tool called "Active Directory Users and Computers"(ADUC) to manage users, groups, workstations, etc. When you look at the properties of a user's account using ADUC you see mostly static data. The user's full name, group memberships, login script, etc.

Active Directory however does store some data that is more dynamic. One of these things is the last time the user logged on to Active Directory updated each time the user logs on. The catch is the "Last Logon Time" attribute stored in Active Directory is a non-replicated property meaning each domain controller has it's own copy of this property that only applies to itself. So the end result is a different value for the last logon time on each domain controller.

For the purposes of this post just consider a domain controller to be a server with a copy of the Active Directory DB and can authenticate users.

So to get the an accurate value for the last time the user logged on each domain controller must be checked. Here is were my product Active Last Logon comes in. It adds a tab to ADUC called Last Logon that polls all the domain controllers and displays the most recent.

The idea to create this product came about because of my background as an administrator on Novell eDirectory networks. In that environment the last logon time is displayed by the management tools by default. This is because the last logon attribute in eDirectory is a replicated attribute. I then found myself working on Active Directory networks and wanted to see this value, thus giving me the idea to create this product.

The differing philosophies regarding Active Directory vs. eDirectory is the subject for a later post.

I hope this post has helped some of you who may be reading this and aren't familiar with Active Directory to understand my product a bit.

Thanks for reading.

Wednesday, February 22, 2006

First Screenshot

I finally got the first screenshot up on the website. The website is really ugly at this point, but I'm concentrating on the getting the beta done. The beta is complete including the installer, except for some internal testing.

On another note if anyone knows if this is a bad idea, the way the website is setup right now is dotnetnuke is installed to a subdirectory, then I put a default page at the root that does a redirect to the dotnetnuke directory. Is this a bad idea, I'm mostly thinking of in relation to search engines/crawlers.

I'm redirecting like this:

Response.Status="301 Moved Permanently"
Response.AddHeader "Location", "/dnndirectory"


Since I'm assuming most people reading this are not Active Directory admins, I'm going to have to start casting a wider net for beta testers, so if you know anyone who may be interested...

www.desertwillowtech.com

Sunday, February 19, 2006

Active Last Logon

So it is time to announce my first product. It is named "Active Last Logon". It adds an additional tab to Active Directory Users and Computers to view last logon information for a user. It polls all Domain Controllers in a domain and get the last logon info from each one then displays the most recent on the new tab.

I intended to have a screenshot to accompany this post, but I'm not blogging this from home so hopefully I'll get screenshots posted later tonight.

The company website is also running although it still needs to beaten with a pretty stick. www.desertwillowtech.com I need to add the screenshots there also. The website is a work in progress and will be changing quite a bit over the next week or two.

Thanks to those who posted comments spurring me to get this announcement out since I had originally intended to post it last Friday.

Sunday, February 12, 2006

What's the product?

I will be announcing my first product on Friday February 17. I'm now officially looking for beta testers. The product is really lightweight and takes about 2 minutes to configure and install. Potential testers are any Active Directory administrators, you do need Enterprise Admin rights to install, but there are NO schema extensions involved. Of course I expect most people to wait until I announce the product before volunteering. I'm thinking of offering a 20% discount to active beta testers. Seem fair?

I'm also planning to have the new company website up on Friday also, although it may be fairly ugly for a week or so while I shift most my efforts onto it.

Exciting times ahead!