Win2003 powerful login management tool -LimitLogin

Microsoft has also developed a tool for restricting user logins for windows2003. ——LimitLogin, which is very powerful, including limiting the number of user logins in the domain, classifying the login information of any user in the domain, and integrating into AMD ( Active Directory MMC) manages configuration and generates login information in CSV and XML format. These functions are not very meaningful for ordinary users, but have a wide range of needs for business users such as banks, libraries, and ISPs.

Download and Install

At present, Microsoft has not provided an official website. If you are interested, you can download it from this website. The latest version is 1.0. The basic configuration requirements for this software are windows xp+.NET Framework 1.1 or Windows Server 2003. The advice given by Microsoft is Windows 2003 Domain Controller and there is at least one Windows 2003 Domain Controller in the domain.

The installation process of LimitLogin is very complicated and is divided into the following steps:

1.Install LimitLogin Web Service

The name of the Web Service needs to be customized during installation. The default is WSLimitLogin. If you need to change, please be sure to remember, because this name will be used in Active Directory Setup, and you can also customize the port number for accessing the Web Service here.

2. Install LimitLogin Active Directory

After the LimitLogin Web Service starts running, you need to continue to install LimitLogin's Active Directory Setup and run the downloaded LimitLoginADSetup.msi. There are three checkboxes. If you are installing for the first time, please select all.

(1) Prepare your Active Directory Forest for LimitLogin. This option will do the following: update the configuration, join the LimitLogin AD MMC control menu; extend the Forest schema, including the LimitLogin class and properties.

Here, you need to have the Schema Administrator permission, then a dialog box will appear, click the "OK" button to confirm, the system will be in \\%windir%\\system32\\ and \\program files\\Limitlogin\\ A detailed log is created under the directory. After this step is completed, you can start configuring the domain to LimitLogin.

(2) Pepare your Active Directory Domain for LimitLogin. This option will perform the following operations: create and configure llogin.vbs, llogoff.vbs, limitlogin.wsdl and other files; create an application directory area for LimitLogin.

In the "Domain Setup" window, we need to provide the following three parameters: Scripts Share Folder name, shared area save script and wsdl file. All authenticated users will run under Limitlogin and must be able to access it. Shared area; IIS Server name, IIS machine name running LimitLogin Web Service; Name of LimitLogin Web Service, you know the reason you need to keep in mind before!

As for the bottom of the window The box is originally configured for the installation of the system. It is recommended to select it as well. Next, we need to create the LimitLogin application directory area. A dialog box will pop up. You can select the Domain Controller that needs to establish the LimitLogin application directory area in the drop-down list box. After successfully completing this step, it will display the installation of the Domain setup. The last tip.

(3) Install LimitLogin AD MMC add-in tools on this machine. This option will only run at the end, mainly to copy some files to the \\%windir% directory, where you can only run LimitLogin machines from Active Directory MMC. Later, if you want to run the LimitLogin AD MMC add-on tool, simply select "LmitLogin Tasks" in a user, machine or OU/Container right click.

It should be noted that you can run LimitLoginADSetup.msi to choose to install on the computer you want to use AD MMC integration function, or you can also click on "\\program files\\limitlogin\\LimitLoginADSetup.exe" Set with “/ForestPrep” and “/DomainPrep”.

Manual Configuration and Scripting

First, you need to copy the “\\Program Files\\LimitLogin\\Scripts” folder to the shared folder specified in the "Domain Setup" step, for example ServernameShare.

1. Steps for Configuring Login and Logoff Scripts

(1) Turn on Active Directory Users and Computers.

(2) Right-click the domain object to open the properties window, switch to the Group Policy tab, and then modify the default Domain policy.

(3) Select “User Configuration→Windows Settings→Scripts”, in the Logon script, add llogin.vbs from the script share path; in the Logoff script, add llogoff.vbs from the script share path. Previous12Next page Total 2 pages