Last post Jun 12, 2014 07:36 AM by Carlochapline
Aug 22, 2006 05:49 PM|Vader|LINK
As always i return to the best forum there is to get help with my problem.
I want to collect all the changes that have been made during the last day and save this to a sql database. As for know, i have been "dumping" parts of AD into a db and by comparing the previously dump with the new dump i can track changes. I know that uSNchanged
is used for replicating modified objects in the domain. Is there a known preferred way of dealing with this ore should i just dump the uSNChanged to db and then check if that property gets changed in AD (increament after modification) That would take a whole
lot of work going through all the objects in AD against the DB searching for - if
DB.uSNchanged != AD.uSNchanged -
Im searching for property changes, membership and security changes.
Aug 23, 2006 09:18 AM|dunnry|LINK
Aug 23, 2006 11:26 PM|bdesmond|LINK
Aug 24, 2006 04:58 PM|Vader|LINK
I will check it out, still stuck on 1.1 version of .Net though.
Aug 25, 2006 12:00 PM|dunnry|LINK
Sep 04, 2006 07:10 AM|rizshe|LINK
I'm also working on a similar pattern. I need to track changes to the user data in AD. only 6 attributes of a user class. I'm using .net 2.0 with C#.
These are the attributes:
I want to use directSync but i do not know how i can use it. Unfortunately i do not have your book(planning to order it soon).
Any ideas of how to implement it?
Sep 04, 2006 07:20 AM|Vader|LINK
If i get the time and the project for usnChanged polling i will let u all know.
Sep 04, 2006 01:43 PM|dunnry|LINK
Check out the samples I have linked to at the top of the forum. I have a class called DirSync that shows how to do it in the samples.
Sep 05, 2006 04:53 AM|rizshe|LINK
I have checked the samples. Found in Chapter 5 the DirectSync class. Unfortunately i'm new to AD and can't grasp the things you're doing there.
Can you point me to any documentation/tutorials where i can learn this before try to implement it. I ordered the book but it will take 1 week to be here hence stuck on this issue.
Sep 05, 2006 10:42 AM|dunnry|LINK
Well, the DirSync search is considered an advanced search in the book. There are some fundamental things that you should probably have clear before you really get going using Directory Services. Unfortunately, the lack of tutorials and guidance (especially
stuff that is correct - there is a lot of crap out there), is one of the reasons we wrote the book in the first place. We really struggled to begin with years ago.
The forums and newsgroups are great places to get your specific questions answered, but suffer when it comes to broader questions. I don't mean to sound cocky, but I honestly believe the book is going to be your best and perhaps only source for any type
of guidance here that will take you from knowing nothing about SDS to becoming truly proficient. I hate to say that you are stuck until you get the book, but you might be when it comes to getting a complete picture of what is going on. Otherwise, you can
try a few of the examples here in the forums to start. If you search here (hint: you can use the term 'user:dunnry' to find my posts more easily) you can find probably an example for anything. It will take some piecing together, but you will get the idea
as you read more and more posts. Once you get the book, the first 4 chapters should really ease you into what you need to know. The rest is more advanced stuff and then a bunch of practical applications. The first 4 really set the foundation for everything
else. Once you get the book, if you have any questions about the material, Joe and I support the book at the companion site - directoryprogramming.net. You can pretty much ask us anything book related (sometimes not so much) and we will do our best to help.
Sorry that is not what you are probably looking for, but it might have to do for now... :(
Sep 05, 2006 11:00 AM|rizshe|LINK
Thanks Ryan for your insight on this. You're totally right in saying that there isn't much good material available out there. About the book I have been told by my boss that he searched amazon.co.uk and couldn't find it there so i guess it will have to wait
before we get the book in UK. I think i saw it on some UK website but couldn't remember, maybe need to search it again to order it.
Well until i got the book i'm pretty much stuck in this scenario but i'll probably see what i can do.
Don't worry you didn't sound cocky at all [:D]
Sep 05, 2006 11:22 AM|dunnry|LINK
Sep 05, 2006 12:02 PM|rizshe|LINK
Probably my boss was looking for his glasses [cool].
i'll order is straightaway.
Sep 05, 2006 05:07 PM|Vader|LINK
I can tell it's one of the best books i have ever come across. I just wished i had ordered it sooner then i did though, have to rewrite stuff.
Jun 12, 2014 07:36 AM|Carlochapline|LINK
In addition to above suggestions, I would like to refer you on this prominent application available at (http://www.activedirectoryaudit.com/) that would also be an appropriate approach in your environment.
It track all changes made in domain by ensuring complete accuracy and generate real time monitoring report that can be checked in graphical or tabular view. It is equipped with instant alert facility that notify the administrators quickly when someone is trying
to change or modify AD objects or any critical changes occurred in active directory so that you can take appropriate action immediately and rollback it to protect from unwanted changes.