(imported topic written by SystemAdmin)
Is there an easy way to pull Active Directory user data from the BigFix client? We’d like to identify computers by the user that logs into the system. In AD there is a user field called “Department”.
So if user A logs in, we’d like to pull the users’s “Department” property from AD and set it in the registry OR if the property is already being stored in the registry or other microsoft file we’d like to know where.
(imported comment written by JackCoates91)
Hi Marty,
It’s pretty easy, just use a login script to run something like this http://www.activxperts.com/activmonitor/windowsmanagement/adminscripts/usersgroups/users/#RetrOUInfo.htm, write it out to text or registry, and an analysis to retrieve the value.
That said, it’s also pretty dangerous; Windows doesn’t cache AD queries very well, so every time that script runs it will go back to AD for the information. Multiply by X thousand computers, and you’re potentially DDOS’ing yourself. If you’re using a login script it should be naturally limited to a safe level, but it’ll still be an increase over your existing login traffic.
Jack
Is any anayses to fetch computer logged in user department details once from Active directory Department Properties