How to add logic to a new customized attribute in AD schema

Question

I need to create new attribute named:

LastLoggedWorkstation

This attribute should contain the name of the last machine\IP from which the user logged on.

I know how to add new attribute to AD schema (here) but I don't know how to add logic.

When a user logon to a machine in the DC an event 4768 is being generated (from MSDN).
This event contains the sid of the user and the ip address of the machine from which he logged on.

If I could edit the attribute that whenever there is a logon, check the source machine and add it to the attribute, it would be great.

Is it possible or the attributes can't contain any logic ?

Reference:
https://social.technet.microsoft.com/Forums/windows/en-US/e545548b-2c48-4dd5-9c23-ef25c56050a7/last-workstation-user-logon?forum=winserverDS
Best way to find the computer a user last logged on from?

You would need a user logon script to perform this function. — Greg Askew, Oct 19 '17 at 17:21
I thought maybe there is an option to do it dynamically from attribute itself. — E235, Oct 19 '17 at 17:24

score 2 · Answer 1 · answered Oct 19 '17 at 18:20

The attributes can't contain any logic, they have to be populated by "something else".

In fact, you can see Active Directory (or at least, the part we are talking about here) as a database, with fields and records, and when you extend the schema, you add more "fields" to this database.

In order for you to populate your newly created attribute, you can create a little program, or a PowerShell script that will gather the required information (the event ID that you mentioned for example), process this information, and then write the attribute in your AD.

How to add logic to a new customized attribute in AD schema

1 Answers1