otyew asked:

Script to find disabled user account and their last login date for selected OU

Hi,

I'm wondering if there is any script/way to export the list of disabled user accounts and their last login date? The ADUC built-in is only able to filter the disabled/export users but not the date. Greatly appreciated if a script is provided, thanks.
ASKER CERTIFIED SOLUTION
Mike Kline
otyew

ASKER

guys,

Tested it out and sadly, the server was under .exe lockdown. No .exe files were allowed to be created locally.
otyew

ASKER

This .exe is executable on any server connected to the same domain, right?

I had tested the

adfind -default -bit -f "&(objecategory=person)(objectclass=user)(userAccountControl:AND:=2)" -csv -tdcs samaccountname lastlogontimestamp > c:\disabledusers.csv

but nothing there
otyew

ASKER

rparsons1000,

the information does not have the last login date
otyew

ASKER

Hi, I successfully ran adfind but there is no last login date; the output is as below:

"dn","samaccountname","lastlogontimestamp"
"CN=Guest_Who,CN=Users,DC=kerinci,DC=lcl","Guest_Who",""

What is your domain functional level at?
otyew

ASKER

mkline71

The Exchange was 'hardened' by the site IT. What I knew is that they had done a lockdown on .pst files on their file servers, but now I have found out that they had done a lockdown on the .exe files on their Exchange.

I had run the .exe files at the file servers; I can run it and there is an output text, but the query seems to be wrong.

Look at my screenshot, that is the example from my lab. Those accounts that I have set as disabled I usually don't log in with, so that is why only the test71 account has a value for lastlogontimestamp.
Lastlogontimestamp is only available in W2K3 domain functional level and higher. Are you at that level?
thanks
Mike

[Screenshot: adfind-disabled-llts.jpg]
otyew

ASKER


mkline71,

When I tried to use the command, it does not produce anything, but if I use something like below, there is some output but not the date. I had one script that outputs the last login date and it works. Do you still think that the account is related to this problem? Do I need an AD admin account to generate this? I'm new to AD/Exchange, sorry.

C:\Documents and Settings\oithim_ops\Desktop>adfind -default -bit -f "(&objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2))" -csv -tdcs samaccountname lastlogontimestamp > c:\disabledusers.csv

The oldcmp does produce a column "lastLogonTimestamp" and in my case shows all 0's if never logged in, and it is all accurate. If it is blank or doesn't exist, it could mean, as mkline71 said, you aren't at a Server 2003 domain.

Yes, oldcmp is another great tool from joe. What you are doing there in your query by spelling out the userAccountControl is what adfind does in the background too.
Still interested in knowing your functional level.
Thanks
Mike
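
For hosts where .exe tools such as adfind cannot be run, the same query can be issued from PowerShell through the .NET DirectorySearcher class; this is an added example, not part of the original thread. The OU distinguished name and the output path are placeholders (assumptions) to replace with your own values.

```powershell
# Added example: disabled users under one OU with their lastLogonTimestamp.
# $OuDn and $OutFile are placeholders (assumptions), not values from the thread.
param(
    [string]$OuDn    = 'OU=Staff,DC=example,DC=com',
    [string]$OutFile = "$env:TEMP\disabledusers.csv"
)

# Balanced LDAP filter: each clause sits in its own parentheses inside (& ... ).
# 1.2.840.113556.1.4.803 is the bitwise-AND matching rule; bit 2 = ACCOUNTDISABLE.
$filter = '(&(objectCategory=person)(objectClass=user)' +
          '(userAccountControl:1.2.840.113556.1.4.803:=2))'

$searcher = New-Object System.DirectoryServices.DirectorySearcher
$searcher.SearchRoot  = New-Object System.DirectoryServices.DirectoryEntry("LDAP://$OuDn")
$searcher.SearchScope = [System.DirectoryServices.SearchScope]::Subtree
$searcher.Filter      = $filter
$searcher.PageSize    = 500   # paging, so more than 1000 matches can be returned
$searcher.PropertiesToLoad.AddRange(
    [string[]]@('samaccountname', 'distinguishedname', 'lastlogontimestamp'))

$results = $searcher.FindAll()
try {
    $rows = foreach ($r in $results) {
        # The attribute is missing (or 0) when the account never logged on,
        # or when the domain is below the Windows Server 2003 functional level.
        $raw  = $r.Properties['lastlogontimestamp']
        $last = if ($null -ne $raw -and $raw.Count -gt 0 -and [int64]$raw[0] -gt 0) {
            # Stored as a Windows FILETIME (100 ns ticks since 1601-01-01 UTC).
            [DateTime]::FromFileTime([int64]$raw[0])
        } else {
            $null
        }
        New-Object PSObject -Property @{
            SamAccountName    = [string]$r.Properties['samaccountname'][0]
            LastLogon         = $last
            DistinguishedName = [string]$r.Properties['distinguishedname'][0]
        }
    }
}
finally {
    $results.Dispose()   # release the unmanaged search handle
}

# lastLogonTimestamp is replicated lazily: by default it can lag the real
# last logon by up to about 14 days, so treat it as an approximate date.
$rows | Select-Object SamAccountName, LastLogon, DistinguishedName |
    Export-Csv -Path $OutFile -NoTypeInformation
```

An empty LastLogon column for every account points at the functional-level question raised above rather than at the filter.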