Requirement/Scope of Work
==========================
It will be two programs. One run on client side (Windows 7 & XP) and another on server side (Windows Server 2008 R2).
Client side (2 utilities):
[1] A utility to randomly create local administrator password and update to server database.
[2] A utility to notify user about the last logon time.
Server side (Single program):
[1] Keep up to 3 password history generated on client side in database. Administrator can do a web based login and query the computer records.
[2] Email notification to users about their last logon time if greater than 30 days (or any value that desired) then a notification will be sent. Administrator can generate report from the system as well.
Appendix:
----------
Technical Details:
1) Query "msDS-LastSuccessfulInteractiveLogonTime" attribute (instead of LastLogonTimeStamp) on Active Directory with additional email attribute
Sample Script can be found at [login to view URL]
Info on "msDS-LastSuccessfulInteractiveLogonTime":
[login to view URL](VS.85).aspx
2) Send an email via SMTP to the list of user [output of #1] that has the last logon day is great than 30.
3) Create a popup message box based on user logon name.
4) Administrator can logon through web based to view the local administrator password and user last logon details.
References:
[login to view URL]
[login to view URL](v=VS.85).aspx (E-mail-Addresses attribute)
Expected Output
Step #1 output (script provided from the URL)
===============================================
CN=Lola Jacobsen,OU=FIM Accounts,OU=Lab Objects,DC=woodgrovebank,DC=com;Never
CN=Terry Adams,OU=FIM Accounts,OU=Lab Objects,DC=woodgrovebank,DC=com;7/29/2010 6:08:11 PM
CN=Jimmy Bischoff,OU=FIM Accounts,OU=Lab Objects,DC=woodgrovebank,DC=com;Never
CN=Mark Brown,OU=FIM Accounts,OU=Lab Objects,DC=woodgrovebank,DC=com;Never
Note: Need additional info which is the email attribute. Account without email attribute will be ignore/discard
Step #2 Output
==============
Dear Terry Adams,
You last logon time is on 7/29/2010 6:08:11 PM. Your account will be inactive soon. Please logon before [last logon + 30 days].
Please contact IT Helpdesk at 1800-Helpdesk if you have any question.
Thank you,
IT Helpdesk
Step #3 Output
===============
Dear Terry Adams,
You have successfully logon to server. Your next logon to server must not later than [today date + 30 days].
Exceeded the allowable period, your account will be disabled. Please contact IT Helpdesk at 1800-Helpdesk if you have any question.
Step #4 Output
==============
Name Logon Name Email Last Logon Date
Lola Jacobsen [login to view URL] Lola [ a t ] abc com Never
Terry Adams [login to view URL] terry [ a t ] abc com 7/29/2010
6:08:11 PM
Refererence:
[login to view URL]