[Samba] Domain level 2008 and last interactive logons
Rowland Penny
rowlandpenny at googlemail.com
Sun Jan 11 14:52:58 MST 2015
On 11/01/15 21:36, Tim wrote:
> Has anybody had a look at this site?
> http://technet.microsoft.com/en-us/library/understanding-active-directory-functional-levels(v=ws.10).aspx
>
>
> Last Interactive Logon Information
>
> Last Interactive Logon Information displays the following information:
>
> The total number of failed logon attempts at a domain-joined Windows Server 2008 server or a Windows Vista workstation
>
> The total number of failed logon attempts after a successful logon to a Windows Server 2008 server or a Windows Vista workstation
>
> The time of the last failed logon attempt at a Windows Server 2008 or a Windows Vista workstation
>
> The time of the last successful logon attempt at a Windows Server 2008 server or a Windows Vista workstation
>
> For more information, see Active Directory Domain Services: Last Interactive Logon (http://go.microsoft.com/fwlink/?LinkId=180387).
>
>
> I have tried this with a test DC on level 2008_R2. But when I create a GPO to show this information of last logon there comes an error, that this information is not stored in the AD. The user (administrator) can't logon to the Windows 7 workstation and I needed to delete the GPO link via samba-tool.
> Are these respective fields not created in Samba AD on function level 2008_R2?
>
> Any hints on this?
>
> Regards
> Tim
You have two problems here, the required attributes are there in AD, but
as far as I know, the required code to use them is not present in
samba4. Secondly, GPO's have no effect on the samba 4 AD DC and this
combined with the first problem is probably why you had problems with
your windows 7 machine.
Rowland
More information about the samba
mailing list