Yes DCs are running Win2003 SP1, and webservers are win2003 sharepoint servers.
If it helps : DFL is windows 2000 mixed and FFL is Windows 2000
so i guess, Lastlogontimestamp is not populated and thats why we are looking at lastlogon attribute.
I also checked on clients that "Enable Windows integrated authentication" is enabled, which would try to use kereberos first then NTLM. (as per KB problem is when NTLM is used)
anything else i should check?
Also, as deji requested, list of logon types which update this attribute will also be of great help.
--
Kamlesh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Be the change you want to see in the World"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On 4/24/06, Steve Linehan <[EMAIL PROTECTED]> wrote:
Are you running Windows Server 2003 SP1? We fixed a number of scenarios where this attribute was not updated for other logon types in SP1. Here is just one example: http://support.microsoft.com/default.aspx?scid=kb;[LN];886705Thanks,-Steve
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Kamlesh Parmar
Sent: Monday, April 24, 2006 2:14 PM
To: [email protected]
Subject: [ActiveDir] Does windows integrated authentication in IIS update lastlogon attribute?Dear list members,
My apologies if this sounds OT.
We have some win2k3 web servers which use windows integrated authentication, and managers now want to display lastlogon time for all users, who use those web servers. Problem is lastlogon attribute of users is not updated when user login to those web servers, it is only updated when users do normal windows interactive logon.
does anyone know what kind of user login web servers do for integrated authentication?
And can it be changed such a way that, it results in lastlogon time stamp getting updated?
--
Kamlesh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Be the change you want to see in the World"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--
