Hello. I have been playing with LDAP and Active Directory these last couple of days... I have successfully connected to Active Directory using JNDI LDAP. I can search for objects, get their properties, etc. Still having some problems though.
This is for a small Intranet application. I want to be able to verify users based on their domain logons. i.e. grant access if a user is logged onto the domain, and is trying to access the Intranet from the same computer. I also want to be able to re-authenticate users if they try to access managerial applications.
I have searched through attributes for both Users and Computers, but could not find a place where user->computer mapping is kept.
Questions: Does active directory keep real-time user login information? If so, where? Can I pull up which computer the user is logged on to? IP address of that computer?
Any information about Active Directory structure/schema, any pointers as to where in the AD I could try and search for useful information are appreciated.
Does AD keep any real-time information?
Any other ideas as to how we can piggy-back on NT's securuty are also appreciated.
posted 12 years ago
There is no relationship between user and computer built in to Active Directory. ADNM at http://www.logicdevelopment.net will create this relationship for you.