Question : Display logon message to new users at first logon.

We have a need to display an "EULA" type message to an active directory user at first logon.

We wish to do this as a means to ensure a new users reads and accepts our companies IT policy.

We obviously would rather not have it display every time a user logs on, however a middle ground may be acceptable.

One example i thought of is if we have a logon script check the workstation for a user profile, if that user does not have a user profile then display the message. they will more than likely be a new user. At worst they will see this each time they move to a new workstation or logon to a different citrix server but not subsequent logons once the local profile is created.

I woudl rather find some way of reading the last logged on attribute from ad and if that = 0:00 etc then they are new users and display logon message.



Answer : Display logon message to new users at first logon.

The attribute LastLogin can be diffrent for each domain controller in you're domain (witch DC handled the last login?)

The function getLastLogin in the attached script enummerates all of you're domain controllers, and returns the lastlogin name for the given user.
This can be used to check to see or the user is ever loged on to you're domain.
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
Dim objNetwork
Set objNetwork = CreateObject("WScript.Network")
Set oRoot = GetObject("LDAP://RootDSE")

if getLastLogin(objNetwork.UserName) = "1-1-1970" then
 msgbox "First login"
else 
 msgbox "loged in before"
end if

Function getLastLogin(Username)
 lastDate = "1-1-1970"
 sConfigNamingContext = oRoot.Get("configurationNamingContext")
 Set oADOCommand = CreateObject("ADODB.Command")
 Set oADOConnection = CreateObject("ADODB.Connection")
 oADOConnection.Provider = "ADsDSOObject"
 oADOConnection.Open "Active Directory Provider"
 oADOCommand.ActiveConnection = oADOConnection
 sADOQuery = "<LDAP://" & sConfigNamingContext & ">;(ObjectClass=nTDSDSA);AdsPath;subtree"
 oADOCommand.CommandText = sADOQuery
 oADOCommand.Properties("Page Size") = 100
 oADOCommand.Properties("Timeout") = 30
 oADOCommand.Properties("Cache Results") = False
 Set oRecordSet = oADOCommand.Execute
 Do Until oRecordSet.EOF
  Set oDC = GetObject(GetObject(oRecordSet.Fields("AdsPath")).Parent)
  Set conn = CreateObject("ADODB.Connection")
  conn.Provider = "ADSDSOObject"
  conn.Open "ADs Provider"
  strLDAP = "<LDAP://" & oDC.cn & ">;(&(objectCategory=User)(sAMAccountName=" & Username & "));adspath;subtree"
  Set oComm = CreateObject("ADODB.Command")
  oComm.ActiveConnection = conn
  oComm.CommandText = strLDAP
  Set rs = oComm.Execute
  While Not rs.EOF
   Set FoundObject = GetObject (rs.Fields(0).Value)
   On error Resume Next 
   if datediff("s", lastDate, FoundObject.LastLogin) > 0 then
    lastDate = FoundObject.LastLogin
   end if
   rs.MoveNext
  Wend
  oRecordSet.MoveNext
 Loop
 oADOConnection.Close
 getLastLogin = lastDate
End Function 'getLastLogin
Random Solutions  
 
programming4us programming4us