Solved

Can I query for what times a user authenticated against AD using DSQUERY?

Posted on 2008-09-29
4
328 Views
Last Modified: 2013-12-24
Can I query for what times a user authenticated against AD using DSQUERY?  I'm running in mixed mode.
0
Comment
Question by:instaIT
  • 2
4 Comments
 
LVL 3

Expert Comment

by:R_Janssen
ID: 22597023
Yep,
Example:
dsquery * "cn=Bill Gates,ou=test,dc=microdomain,dc=com" -scope base -attr
lastLogonTimestamp
 
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 22597067

That won't be entirely accurate. The attribute is described here:

http://msdn.microsoft.com/en-us/library/ms676824.aspx

And discussed here:

http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon.mspx

Which tells us that the attribute above may be off by as much as 14 days.

So it's great, depending on how accurate you need / want to be.

Chris
0
 
LVL 1

Author Comment

by:instaIT
ID: 22597078
Is there a way to see the history over a period of time rather than just the last logon stamp?
0
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 22597149

Nope, both lastLogon and lastLogonTimeStamp are single value attributes.

Basically, if you want a history you'd have to write something to maintain it, perhaps something through a logon script?

It would be possible to do it on the server side, but for accuracy you'll need the lastLogon attribute. The problem is, that one isn't replicated, which means you have to check every DC in your environment to get the actual value. That would be painful if it were required of a regular basis.

Chris
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question