Why do some user accounts show up as never used?

  • Thread starter Thread starter Adrian Rodriguez
  • Start date Start date
A

Adrian Rodriguez

We have many Mac users who's windows account is only used for getting email
or having access to a share. They do not login to a Windows PC anywhere.

The problem is that when looking over these users accounts, they show up as
never being logged into. Our method of weeding out unused user accounts is
hampered by this anomaly.

Any suggestions?
 
We have many Mac users who's windows account is only used for getting email
or having access to a share. They do not login to a Windows PC anywhere.

The problem is that when looking over these users accounts, they show up as
never being logged into. Our method of weeding out unused user accounts is
hampered by this anomaly.

Any suggestions?
Click to expand...

I've had that same problem until I've found out about the MSUAM.

Try downloading the "Microsoft User Authentication Module" (MSUAM).

(http://download.microsoft.com/download/win2000srv/Install/1/MacOS/EN-US/MSU
AM_for_X.hqx)

There is also one for anyone using OS9.2 or Classic

(http://tc.versiontracker.com/product/redir/lid/137191/MSUAM_for_Classic.hqx
)

See the link below for details

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serve
rHelp/a8f0fddc-c539-4e02-b313-f6d86515b08f.mspx
 
Thanks for this info. I have tried it on OS9.? and OS10.? (i'm not the mac
guy but I can get around) and it works well. They can now change passwords
even with more than 8 characters. They also get notification they need to
change it. Great!

BUT - the DCs still do not record the logon as they do with a PC logging in.
The logontimestamp does not get changed. I created a virgin account and only
used it logging on with the MAC and it still never recorded any logon
timestamps on the DCs. So I still can only determine if the accounts are
being used by the PwdExpires attribute. The server holding the share has a
log of the access and the record shows NTLM authentication was used - not
exactly NTLMv2 which I expected.

SO - I am going to try to test how the NTLMv2 works. It looks as if now they
are still actually using plain ntlm as the server had needed to be set to
allow this. I set up a new test server with the local security policy set to
a higher standard - NTLMv2 only. I'll let you know how it works out.
 
Back
Top