Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 491
  • Last Modified:

Last logged on time

Hi guys,
We would like to achieve the following 2 tasks.

1)the last date/time a user has logged on to our domain.
We have around 150 domain controllers in a 2003 AD domain.

2)find out what domain administrators have not logged on with their account in the last 6 months.

Any help on finding this out would be much appreciated.
0
Simon336697
Asked:
Simon336697
3 Solutions
 
Mike KlineCommented:
You can use the lastlogontimestamp variable and a tool called adfind by Joe Richards

I have an example here   http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/Q_24724528.html

Lastlogon timestamp is accurate between 9-14 days

A nice free GUI AD tool for reporting is adinfo  http://www.cjwdev.co.uk/Software/ADReportingTool/Info.html

I'm off to bed but hopefully those help some.

Thanks

Mike
0
 
Tony MassaCommented:
Oldcmp from Joe Richards, the author of ADFind will produce a reports of accounts that haven't been used in X number of days.  

Be aware that if you want the absolute accurate last login for a user in the last, say 2 days, you will  have to use the lastLogon attribute,which is NOT replicated.  You will have to query all DCs to be sure.

http://blogs.technet.com/b/heyscriptingguy/archive/2010/01/27/dandelions-vcr-clocks-and-last-logon-times-these-are-a-few-of-our-least-favorite-things.aspx

Code to get lastLogon info from all domain controllers and output the most recent time

http://blogs.msdn.com/b/alejacma/archive/2009/03/12/how-to-get-lastlogon-property-for-all-users-in-a-domain-vbscript.aspx
0
 
SandeshdubeySenior Server EngineerCommented:
You can use third party software True Last Logon 2.9.You can export the file in excel for report creation.You can use the trial version this will achieve what you are looking for.

True Last Logon displays the following Active Directory information:
--Users real name and logon name
--Detailed account status
--Last Logon Date & Time
--Last Logon Timestamp (Replicated value)
--Account Expiry Date & Time
--Enabled or Disabled Account
--Locked Accounts
--Password Expires
--Password Last Set Date & Time
--Logon Count
--Bad Password Count
--Expiry Date
--You can also query for any other attribute (Example: Description, telephone Number, custom attibutes etc)

Refer the below link for trial version:
http://www.dovestones.com/products/True_Last_Logon.asp
0
 
Simon336697Author Commented:
Thanks so much guys sorrry about the delay.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now