ldap - lock / unlock accounts - openldap

I want to create an account in LDAP, but it needs to be active only in the future, from a FROM date to a TO date.
I use the ppolicy overlay for LDAP. This is what I tried:
I create the account and, at creation time, lock it using
pwdAccountLockedTime = NOW.
I set
pwdLockoutDuration = (FROM - NOW) in seconds
pwdMaxAge = (TO - NOW) in seconds.
The account was created with the right pwdAccountLockedTime, but after the pwdLockoutDuration expired, the account was not unlocked automatically - why? Maybe because I set pwdAccountLockedTime manually?

I don't set the pwdPolicySubentry attribute on my new entry, and LDAP uses the pwdLockoutDuration from the default configuration, not my custom pwdLockoutDuration from my entry.

From MSDN I got: once the lockout duration passes, the user is unlocked automatically.
So check whether you got zero in lockoutTime.
Add the Lockout-Time attribute to the Lockout-Duration attribute and then compare it with the current time. Zero in Lockout-Duration means the account is locked forever until the administrator unlocks it.
Copied from the MSDN site:
This attribute value is only reset when the account is logged onto successfully. This means that this value may be non zero, yet the account is not locked out. To accurately determine if the account is locked out, you must add the Lockout-Duration to this time and compare the result to the current time, accounting for local time zones and daylight savings time.
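
The same lock check for the OpenLDAP ppolicy attributes named in the question, as an added example that is not part of the original posts. It assumes the entries are already fetched into dictionaries and that pwdAccountLockedTime is in the plain UTC form without fractional seconds; the DNs and values are constructed. It also shows why a pwdLockoutDuration stored on the user entry has no effect: the duration is read from the policy entry selected by pwdPolicySubentry, or from the default policy.

```python
from datetime import datetime, timedelta, timezone

PERMANENT_LOCK = "000001010000Z"  # ppolicy value meaning "locked until an admin resets"

def parse_generalized_time(value):
    """Parse a UTC GeneralizedTime such as 20240101120000Z (assumed: no fraction)."""
    return datetime.strptime(value, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def lock_state(user, policies, default_policy_dn, now):
    """Return (locked, unlock_time); unlock_time is None if there is no automatic unlock."""
    locked_at = user.get("pwdAccountLockedTime")
    if locked_at is None:
        return (False, None)
    if locked_at == PERMANENT_LOCK:
        return (True, None)
    # The duration is read from the governing policy entry, never from the user entry.
    policy = policies[user.get("pwdPolicySubentry", default_policy_dn)]
    duration = int(policy.get("pwdLockoutDuration", 0))
    if duration == 0:
        return (True, None)  # 0 or absent: stays locked until an administrator unlocks
    unlock = parse_generalized_time(locked_at) + timedelta(seconds=duration)
    return (now < unlock, unlock)

# Constructed sample data (DNs and values are made up for this example).
DEFAULT_DN = "cn=default,ou=policies,dc=example,dc=com"
CUSTOM_DN = "cn=future-users,ou=policies,dc=example,dc=com"
POLICIES = {
    DEFAULT_DN: {"pwdLockoutDuration": "0"},
    CUSTOM_DN: {"pwdLockoutDuration": "7200"},
}
USER = {
    "pwdAccountLockedTime": "20240101120000Z",
    "pwdLockoutDuration": "7200",  # set on the user entry: has no effect
}
USER_WITH_POLICY = dict(USER, pwdPolicySubentry=CUSTOM_DN)

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 13, 30, tzinfo=timezone.utc)
    print(lock_state(USER, POLICIES, DEFAULT_DN, now))
    print(lock_state(USER_WITH_POLICY, POLICIES, DEFAULT_DN, now))
```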

Related

Google Analytics User Id doesn't take utm_ (acquisition) parameters into account

I have implemented the following process to track User ID on my website:
If the user is not yet logged in, track a pageview
Once he registers or logs in, set user id and keep setting it on every page
I have session unification turned on.
It works OK except that in the "user id" view, I see 100% of acquisition source/medium as (direct) / (none), but in "all data" though, the utm_ parameters for the same session have been tracked correctly.
I would like to see which campaign was each given user acquired by, but because of this, I am not seeing that.
What am I doing wrong?
Ok, I found the answer in the docs eventually:
Session unification is completed during daily data processing. Processing begins at 5am each day, based on the western most timezone selected in any reporting view that is associated with the property.
Looks like I have everything set up right, just need to wait for the recalculation.

Access data in asp.net attribute

Our webapp solution needs a login preventer that gives the user a 10-second penalty (during which he cannot log in) after three incorrect logins.
Today this task is solved by an attribute, ToggleAttribute (custom), that contains a counter keeping track of the user's number of login attempts.
If the number exceeds the defined limit (default 3), the ToggleAttribute will redirect the user back to the login page with a 10-second penalty.
This works OK. However, the problem occurs when the user has successfully logged in and out. The counter is not reset, so the next user gets only two login attempts.
I would like a way to reset the counter inside the attribute from our login controller if password validation is good. May I access the data in the Attribute from the controller?
The problem was solved by putting the counter data into a cache that is also accessible outside of the attribute. By doing so, the login controller may reset the counter. It is not a perfect solution, but works until we implement an authorization solution further up the road.
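
A framework-neutral sketch of the counter described above, as an added example that is not the poster's code: it keeps the failure count in a store outside the request filter, keys it per account so one user's failures do not use up another user's attempts, and lets the login handler reset it on success. The class and method names are hypothetical; the limits (3 failures, 10 seconds) are the ones from the question.

```python
import time

class LoginThrottle:
    """Failed-login counter kept outside the request filter, keyed per account."""

    def __init__(self, max_failures=3, penalty_seconds=10, clock=time.monotonic):
        self.max_failures = max_failures
        self.penalty_seconds = penalty_seconds
        self.clock = clock          # injectable so the behaviour can be tested
        self._state = {}            # key -> (failure_count, blocked_until)

    @staticmethod
    def _key(username):
        # Normalise so "Alice" and "alice " share one counter.
        return username.strip().lower()

    def seconds_blocked(self, username):
        """Remaining penalty for this account; 0 means an attempt is allowed."""
        _, blocked_until = self._state.get(self._key(username), (0, 0.0))
        return max(0.0, blocked_until - self.clock())

    def record_failure(self, username):
        """Called after a wrong password; starts the penalty on the third failure."""
        key = self._key(username)
        count, blocked_until = self._state.get(key, (0, 0.0))
        count += 1
        if count >= self.max_failures:
            # Penalty starts now; the count restarts for the next round of attempts.
            self._state[key] = (0, self.clock() + self.penalty_seconds)
        else:
            self._state[key] = (count, blocked_until)

    def record_success(self, username):
        """Called by the login handler once password validation succeeds."""
        self._state.pop(self._key(username), None)
```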

using MS exchange API to create appointment

I am creating appointment using MS exchange API as described here:
http://msdn.microsoft.com/en-us/library/dd633661(v=exchg.80).aspx
and it is working fine.
But it does not show in the Resource/Location calendar. I am specifying the conference room using the Location property, but that didn't work, so then I tried
    appointment.Resources.Add(new Attendee("cr1@domain.com"));
but its subject shows only my domain username (the credential I am using for the API), while in my calendar it shows everything, i.e. subject and body.
What is the right way to show the appointment in the conference room calendar?
By default, when a CR accepts an invite, it replaces the subject with the organizer's name. This is a configuration setting for the room. It can be changed using the Set-CalendarProcessing cmdlet. The parms you need will be -DeleteSubject and -AddOrganizerToSubject. Setting the first to $false will keep the original subject around; setting the second to $false will prevent adding the organizer. (Setting -DeleteComments:$false will also preserve the message body.) You'll have to change this for every CR you plan inviting, and it presumes you have this kind of access to the Exchange console. Otherwise, you have to befriend your local Exchange admin. :-)

Measuring goals for users who have never logged into my site before

I have a web app. The home page has two main actions:
Sign up to the application
Log into the application
I have a goal set up for sign-ups. I am trying to track the goal conversion rate of users who have never logged into the application before.
The problem I have at the moment is that the conversion rate is being skewed by users who are visiting the homepage simply to log in.
Is there a simple way of doing this?
Thanks very much,
Ben
For the kind of tracking you are looking for, there should be some coding on both your system and Google Analytics.
First, I would recommend you place into your system the intelligence to know the number of log-ins the user has made (As an example, a counter on your database).
Now, to implement that, you will need to set a Custom Var in Google Analytics at the visit level to segment the users from the non-users. In that Custom Var, you can store both the user ID and the number of logins he has made.
This goes on the login page.
Your code should look like:
    _gaq.push(['_setCustomVar',
        1,
        'Member Login',
        'NUMBER OF LOGINS', // SET THIS FROM YOUR SYSTEM
        2 // VISIT LEVEL Custom Var
    ]);
Remember that this code should go before tracking the pageview.
After setting this up, you should use Advanced Segments to check those specific users. One case could be (using the example above):
Set up an Advanced Segment that "Excludes" the Custom Variable (Key 1) - Matching RegExp: .*
This will give you all the never-logged-in user access.
Something else you could do is set up Adv Segments to check on a specific number of logins:
Set up an Advanced Segment that "Excludes" the Custom Variable (Key 1) - Matching RegExp: [^1]
This will give you all the users that logged in more than once.
You can find more info on Custom Vars here.

ASP.NET - Log User Session Start/End Times for Audit Trail - Global.ASAX?

My ASP.NET intranet web application uses Windows Authentication, and I would like to record the following details:
1) Windows ID
2) Session Start Time
3) Session Stop Time
4) URL being browsed to (optional)
I've got some basic code setup in "Session_Start" method of the Global.ASAX to log session start times (seen below), but that's it so far. I have the feeling this is a primitive approach and there are "better" ways of doing this. So I really have two questions:
1) Is this the right way to go about doing this? If not what are some other options?
2) If this is the right way, do I just need to drop some code in the "Session_End" method to record the time they exit, and that's a complete solution? Does this method always get called when they close the browser tab they have the site open in, or do they have to close the entire browser (I don't have logout functionality)? Is there any way users can skip over this session end method (or start, for that matter)?
    Dim connsql As New System.Data.SqlClient.SqlConnection(ConfigurationManager.ConnectionStrings("MyConnectionstring").ConnectionString)
    Dim cmdsql As System.Data.SqlClient.SqlCommand = connsql.CreateCommand
    cmdsql.CommandText = "BeginUserSession"
    cmdsql.CommandType = Data.CommandType.StoredProcedure
    Try
        cmdsql.Parameters.Add("@windowsid", System.Data.SqlDbType.VarChar, 30, "windowsid")
        cmdsql.Parameters("@windowsid").Value = Session("UserInfo").identity.name
        If connsql.State <> System.Data.ConnectionState.Open Then connsql.Open()
        cmdsql.ExecuteNonQuery()
        connsql.Close()
    Catch ex As Exception
        ' Exception is swallowed here, so a failed audit write goes unnoticed
    Finally
        If connsql.State <> Data.ConnectionState.Closed Then connsql.Close()
    End Try
    'Stored Proc records start time
Session_End is not reliable.
What I would suggest is on Session_Start you create a record that notes the time the Session was created, and in Session_End you update the record with the time it was ended.
To handle the majority of sessions which are passively abandoned, use Application_BeginRequest to update the record to note when the user was "last seen".
You will then need to determine a way of marking sessions that have been passively abandoned. This will be site/app specific. It could be as simple as picking a number of minutes that must pass before the session is considered abandoned - like 10 minutes.
So then you have a query:
    SELECT Username,
           SessionStart,
           SessionEnd,
           LastSeenOn,
           DATEDIFF(mi, SessionStart, ISNULL(SessionEnd, LastSeenOn)) DurationMinutes
    FROM SessionAudit
    WHERE SessionEnd IS NOT NULL
       OR DATEDIFF(mi, LastSeenOn, getdate()) > 10
Which will bring back your session audit log.
Your approach could be described as simple, but that could be totally fine - it comes down to what the requirements are. If you need to log a full suite of application errors and warnings, look at implementing something like Log4Net. Otherwise I wouldn't say there is anything wrong with what you are doing.
Sessions are ended when there has been no user activity for the amount of time specified in the timeout value, or when you explicitly call Session.Abandon() in your code. Because of the stateless nature of HTTP, there is no way to tell if a user has left your site, closed the browser or otherwise stopped being interactive with their session.
I am not sure you can catch the end of the session accurately because
The user can close their browser and that will not necessarily end the session.
They can then go back to your site and thus may have multiple sessions.
You can try messing with settings in IIS to kill the session very quickly after inactivity, but it's not a good idea.
Also... If the users are not all on an internal network you will have no control as to whether they have a "Windows ID" or not.
