Solved

WinNT "True Last Logon" script

Posted on 2010-08-19
4
1,146 Views
Last Modified: 2013-12-24
Hi,
ive been playing around with this script for finding the "true last logon" from active directory using LDAP to query all the DC. It works really well and i think i get it all
http://www.rlmueller.net/Programs/LastLogon.txt

However, i want to use this on some of our old legacy domains, so i assume i have to modify this section to work on WinNT, rather then LDAP? altho i have no idea, so im not sure if its even possible or if im looking at this the correct way? Do legacy domains also have multiple Domain controllers?!
I dont log into the legacy domain, as my RootDSE either
The Legacy domain is called old-xx

Set objRootDSE = GetObject("LDAP://RootDSE")

strConfig = objRootDSE.Get("configurationNamingContext")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use ADO to search Active Directory for ObjectClass nTDSDSA.
' This will identify all Domain Controllers.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

strBase = "<LDAP://" & strConfig & ">"
strFilter = "(objectClass=nTDSDSA)"
strAttributes = "AdsPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"


i found this script, however i wasnt sure if this was going to correctly give me a list back of all the different DC on NT4?
Sub PullAllDomains()
    Dim objNameSpace
    Dim Domain

    Set objNameSpace = GetObject("WinNT://ADE-CH")
    For Each Domain In objNameSpace
       MsgBox Domain.Name
    Next
  End Sub

nb. im writing this in Excel 2003 vb, as i need the results kicked back into an excel file for further analysis
0
Comment
Question by:jamiepryer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 33477158
That won't work in an NT4 domain. Easiest workaround: download DumpSec (http://www.systemtools.com/somarsoft/index.html), go to "Reports > Dump Users ...", add "Last Logon Time" to the selected fields, and check the box "Show 'true' last logon time".
You can run it remotely against a DC by setting the server under "Report > Select Computer ..."
You can then save the dump as tab separated file and open it in Excel.
0
 

Author Comment

by:jamiepryer
ID: 33477276
thanks, will check that out

can you explian why this wont work?
I just want to pump all my user information out from all my domains into an array and then i can work out the proper last logon
0
 
LVL 85

Expert Comment

by:oBdA
ID: 33477369
Because NT4 doesn't have LDAP or an AD provider.
Note that you can generate the report from the command line as well if you plan to do this on a regular basis against several domains; Help > Contents explains the command line options.
0
 

Author Comment

by:jamiepryer
ID: 33482855
so with NT4 domains, you cant run a WinNT script to get the information?

Ive got a script that pulls all teh user information, however ive been told that lastlogin doesnt replicate around all the DC's, so this is why i need to collect information for each user for each domain.
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this series, we will discuss common questions received as a database Solutions Engineer at Percona. In this role, we speak with a wide array of MySQL and MongoDB users responsible for both extremely large and complex environments to smaller singl…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question