Set up the rights as explained by oBdA:
But I also did the same for the Computer objects, you have to do the rights for the Computer description.
The following script skips the update if the OS is a server OS. This way citrix server logon etc don't change server descriptions. Also you can look up users by computer name and also coputers via user name. I place the full contect of the user name in the description. You can modify it not give the full contect.
' ********************************************************************
' This script Modifies a User Desscription field and Computer Description
' field in AD with User Name, Computer Name, and Login Date & Time,
' and User Context
' Skips if the computer is running a server version of Windows
' ********************************************************************
on error resume next
Set objSysInfo = CreateObject("ADSystemInfo")
Set objComputer = GetObject("LDAP://" & objSysInfo.ComputerName)
Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
strOS = objComputer.operatingSystem
If InStr(UCase(strOS),"SERVER") Then
Else
strmessage1 = objComputer.CN & ", " & Now &", " & objSysInfo.UserName
strMessage2 = objUser.CN & ", " & objComputer.CN & ", " & Now & ", " & objSysInfo.UserName
objUser.Description = strMessage1
objUser.SetInfo
objComputer.Description = strMessage2
objComputer.SetInfo
End If