Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » User account
User account [message #160156] Wed, 19 August 2009 09:32 Go to next message
Ed Wyche  is currently offline Ed Wyche  United States
Messages: 20
Registered: August 2009
Junior Member
I have a user account that can only logon to specfic computers. So in the
user account in AD under the account tab using the "Log On To" button.
There is a few computers already listed in there. When I try to added
another one it give me this error "The following active directory error
occurred one of more parameters are illegal".

Any help with this would be appreciated.

Thanks
Ed
Re: User account [message #160157 is a reply to message #160156] Wed, 19 August 2009 09:56 Go to previous messageGo to next message
rlmueller-nospam  is currently offline rlmueller-nospam  United States
Messages: 292
Registered: July 2009
Senior Member
"Ed Wyche" <none12@none.com> wrote in message
news:151C7831-8BC7-4C75-AF35-86E7FD3E909C@microsoft.com...
>I have a user account that can only logon to specfic computers. So in the
>user account in AD under the account tab using the "Log On To" button.
>There is a few computers already listed in there. When I try to added
>another one it give me this error "The following active directory error
>occurred one of more parameters are illegal".
>
> Any help with this would be appreciated.
>
> Thanks
> Ed
>
>

When you add computers, you enter one name and click the "Add" button, then
enter another name and click "Add". You must use the NetBIOS names of the
computers. Does this help?

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
Re: User account [message #160164 is a reply to message #160157] Wed, 19 August 2009 12:40 Go to previous messageGo to next message
Ed Wyche  is currently offline Ed Wyche
Messages: 20
Registered: August 2009
Junior Member
I have about 20 computer listed in there already. I was wondering if there
is a limit of number of computer to put in there.

"Richard Mueller [MVP]" <rlmueller-nospam@ameritech.nospam.net> wrote in
message news:#vBzlWOIKHA.4376@TK2MSFTNGP03.phx.gbl...
>
> "Ed Wyche" <none12@none.com> wrote in message
> news:151C7831-8BC7-4C75-AF35-86E7FD3E909C@microsoft.com...
>>I have a user account that can only logon to specfic computers. So in the
>>user account in AD under the account tab using the "Log On To" button.
>>There is a few computers already listed in there. When I try to added
>>another one it give me this error "The following active directory error
>>occurred one of more parameters are illegal".
>>
>> Any help with this would be appreciated.
>>
>> Thanks
>> Ed
>>
>>
>
> When you add computers, you enter one name and click the "Add" button,
> then enter another name and click "Add". You must use the NetBIOS names of
> the computers. Does this help?
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
>
Re: User account [message #160169 is a reply to message #160164] Wed, 19 August 2009 15:30 Go to previous messageGo to next message
rlmueller-nospam  is currently offline rlmueller-nospam  United States
Messages: 292
Registered: July 2009
Senior Member
The names are saved in one single-valued attribute of the user object,
called userWorkstations, as a comma delimited list of names. The maximum
length of the attribute is 1024 characters. If you already have 20 names,
they would need to be over 50 characters each (on average) to hit the limit.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--

"Ed Wyche" <none12@none.com> wrote in message
news:89E6B198-2990-464E-9941-88671CD444D7@microsoft.com...
>I have about 20 computer listed in there already. I was wondering if there
>is a limit of number of computer to put in there.
>
> "Richard Mueller [MVP]" <rlmueller-nospam@ameritech.nospam.net> wrote in
> message news:#vBzlWOIKHA.4376@TK2MSFTNGP03.phx.gbl...
>>
>> "Ed Wyche" <none12@none.com> wrote in message
>> news:151C7831-8BC7-4C75-AF35-86E7FD3E909C@microsoft.com...
>>>I have a user account that can only logon to specfic computers. So in
>>>the user account in AD under the account tab using the "Log On To"
>>>button. There is a few computers already listed in there. When I try to
>>>added another one it give me this error "The following active directory
>>>error occurred one of more parameters are illegal".
>>>
>>> Any help with this would be appreciated.
>>>
>>> Thanks
>>> Ed
>>>
>>>
>>
>> When you add computers, you enter one name and click the "Add" button,
>> then enter another name and click "Add". You must use the NetBIOS names
>> of the computers. Does this help?
>>
>> --
>> Richard Mueller
>> MVP Directory Services
>> Hilltop Lab - http://www.rlmueller.net
>> --
>>
>>
Re: User account [message #160171 is a reply to message #160169] Wed, 19 August 2009 15:42 Go to previous message
rlmueller-nospam  is currently offline rlmueller-nospam  United States
Messages: 292
Registered: July 2009
Senior Member
"Richard Mueller [MVP]" <rlmueller-nospam@ameritech.nospam.net> wrote in
message news:e6rQPRRIKHA.6068@TK2MSFTNGP03.phx.gbl...
> The names are saved in one single-valued attribute of the user object,
> called userWorkstations, as a comma delimited list of names. The maximum
> length of the attribute is 1024 characters. If you already have 20 names,
> they would need to be over 50 characters each (on average) to hit the
> limit.
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
> "Ed Wyche" <none12@none.com> wrote in message
> news:89E6B198-2990-464E-9941-88671CD444D7@microsoft.com...
>>I have about 20 computer listed in there already. I was wondering if
>>there is a limit of number of computer to put in there.
>>

Here is a VBScript program to dump out all users and the value of their
userWorkstations attribute. It only documents users that have a value
assigned to userWorkstations. It also shows the length of the current value.
Run this at a command prompt using cscript. If the output is large, redirect
the output to a text file. For example, if the code is saved in
Workstations.vbs, use a command similar to this at a command prompt:

cscript //nologo Workstations.vbs > report.txt
==================
Option Explicit

Dim objRootDSE, strDNSDomain, adoConnection
Dim strBase, strFilter, strAttributes, strQuery, adoRecordset
Dim strName, strDN, strWS

' Determine DNS domain name.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use ADO to search Active Directory.
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"

Set adoRecordset = CreateObject("ADODB.Recordset")
adoRecordset.ActiveConnection = adoConnection

' Search entire domain.
strBase = "<LDAP://" & strDNSDomain & ">"

strFilter =
" (&(objectCategory=person)(objectClass=user)(userWorkstat ions=*)) "

' Comma delimited list of attribute values to retrieve.
strAttributes = "sAMAccountName,distinguishedName,userWorkstations"

' Construct the LDAP query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"

' Run the query.
adoRecordset.Source = strQuery
adoRecordset.Open

' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
' Retrieve values.
strName = adoRecordset.Fields("sAMAccountName").Value
strDN = adoRecordset.Fields("distinguishedName").Value
strWS = adoRecordset.Fields("userWorkstations").Value
Wscript.Echo "User NT Name: " & strName
Wscript.Echo "DN: " & strDN
Wscript.Echo "userWorkstations: " & strWS
Wscript.Echo "Length: " & CStr(Len(strWS))
adoRecordset.MoveNext
Loop

' Clean up.
adoRecordset.Close
adoConnection.Close
=========
Besides the 1024 character limit (which you might possibly be able to
increase), duplicates are not allowed.

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
Previous Topic:dcdiag test
Next Topic:Domain Controller - Firewall Ports
Goto Forum:
  


Current Time: Tue Jan 23 16:44:56 MST 2018

Total time taken to generate the page: 0.06203 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software