Solved

WinNT "True Last Logon" script

Posted on 2010-08-19
4
1,125 Views
Last Modified: 2013-12-24
Hi,
ive been playing around with this script for finding the "true last logon" from active directory using LDAP to query all the DC. It works really well and i think i get it all
http://www.rlmueller.net/Programs/LastLogon.txt

However, i want to use this on some of our old legacy domains, so i assume i have to modify this section to work on WinNT, rather then LDAP? altho i have no idea, so im not sure if its even possible or if im looking at this the correct way? Do legacy domains also have multiple Domain controllers?!
I dont log into the legacy domain, as my RootDSE either
The Legacy domain is called old-xx

Set objRootDSE = GetObject("LDAP://RootDSE")

strConfig = objRootDSE.Get("configurationNamingContext")
strDNSDomain = objRootDSE.Get("defaultNamingContext")

' Use ADO to search Active Directory for ObjectClass nTDSDSA.
' This will identify all Domain Controllers.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
adoCommand.ActiveConnection = adoConnection

strBase = "<LDAP://" & strConfig & ">"
strFilter = "(objectClass=nTDSDSA)"
strAttributes = "AdsPath"
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"


i found this script, however i wasnt sure if this was going to correctly give me a list back of all the different DC on NT4?
Sub PullAllDomains()
    Dim objNameSpace
    Dim Domain

    Set objNameSpace = GetObject("WinNT://ADE-CH")
    For Each Domain In objNameSpace
       MsgBox Domain.Name
    Next
  End Sub

nb. im writing this in Excel 2003 vb, as i need the results kicked back into an excel file for further analysis
0
Comment
Question by:jamiepryer
  • 2
  • 2
4 Comments
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 33477158
That won't work in an NT4 domain. Easiest workaround: download DumpSec (http://www.systemtools.com/somarsoft/index.html), go to "Reports > Dump Users ...", add "Last Logon Time" to the selected fields, and check the box "Show 'true' last logon time".
You can run it remotely against a DC by setting the server under "Report > Select Computer ..."
You can then save the dump as tab separated file and open it in Excel.
0
 

Author Comment

by:jamiepryer
ID: 33477276
thanks, will check that out

can you explian why this wont work?
I just want to pump all my user information out from all my domains into an array and then i can work out the proper last logon
0
 
LVL 83

Expert Comment

by:oBdA
ID: 33477369
Because NT4 doesn't have LDAP or an AD provider.
Note that you can generate the report from the command line as well if you plan to do this on a regular basis against several domains; Help > Contents explains the command line options.
0
 

Author Comment

by:jamiepryer
ID: 33482855
so with NT4 domains, you cant run a WinNT script to get the information?

Ive got a script that pulls all teh user information, however ive been told that lastlogin doesnt replicate around all the DC's, so this is why i need to collect information for each user for each domain.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now