I'm looking for a place to request, make a suggestion to improve Active Directory Services. I tried connect but it wasn't listed.
Anyway here is my request:
Add a new operations master roll to AD or maybe a new DC all together.
It would track All users who have logged on, where they logged on from (hostname, ip, Domain) and lastly when they logged out. Have a user interface to be able to check this information on a moments notice. Have the ability to run reports against a particular user, hostname, ip etc. for security auditing. The security events are ok but it is a messy system when searching for a logon event for a single user. Even with 3rd party event logging software.
Also break out the file system auditing into a separate log, get it out the security log. That log is big enough.
AD should act like a mainframe system where you can see who is actively on the system and from where. Even if its from multiple systems.
I know this is no easy task. But maybe in a future release.
Thanks for listening/reading.