Active Directory User Account Creation Date

We need a way of tracking the creation date of user accounts in AD. Has anyone done this or have a solution for doing? We need to verify when all AD accounts are created - not just modified.
LVL 7
msiceAsked:
Who is Participating?
 
Pete LongTechnical ConsultantCommented:
Zev: You can get the creation date for each account from Active Directory. Every AD object has a WhenCreated and WhenChanged attribute. You can dump these attributes into a flat file using the LDIFDE utility, or you can dump them into a comma-delimited file using CSVDE (both utilities come with Windows 2000).

Here's the syntax to dump the two attributes for the user objects in an OU called Phoenix in a domain called Company.com to the console for viewing (the entire entry should typed as a single line):



ldifde -d ou=phoenix,dc=company,dc=com -l whencreated, whenchanged -p onelevel -r "(ObjectCategory=user)"
-f con


If you wanted to save the dump to a file, change the -f switch from con to a file name.

The last logon timestamp uses this format: YYYYMMDDHHMMSS, with the hour shown in Universal Coordinated Time. A time stamp of 20040115182937.0Z corresponds to Jan 15 2004 18:29:37 UCT.

USRSTAT is slow, and the report you get has to be merged with the LDIFDE dump. So, I put together a script that searches for user objects at each domain controller, then lists the local logon time and the creation time. The user logon timestamp requires conversion from a long integer. I borrowed the conversion code comes from Richard L. Mueller (www.rlmueller.net/Programs). Richard's full script also takes the local time zone from the Registry and converts the time from UCT to local time. Nifty.

http://www.mcpmag.com/columns/article.asp?EditorialsID=660
0
 
msiceAuthor Commented:
Sweet thanks for your quick help!
0
 
Pete LongTechnical ConsultantCommented:
ThanQ
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
questionCommented:
Excellent thanks..
0
 
pdixit1977Commented:
its askng for source file and output log file path with -j switch.
0
 
msiceAuthor Commented:
If you dont use the -j does it still ask for a source file? You need to provide a log file location if you use the -j switch.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.