Last User/Computer Domain Logon AD

Hi

I seem to remember doing similar for someone ages ago with 2003, but I cant remember how I did it.

It was some kind of AD addin that showed an extra tab in ADUC, which showed the last time a user logged on.

This time I am specifically after the time a computer last had domain contact, as I want to clean some lists up for old PC's etc.

Needs to be free and needs to support 2003 and 2008.
LVL 1
hongeditAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I assume you mean these instructions?
http://www.petri.co.il/view_additional_user_information_in_aduc.htm
which should work in windows 2008 environments too.. but just in case you are using the 64 bit os... there is more information here:
http://www.open-a-socket.com/index.php/2008/08/24/acctinfo2dll-on-vista-x64/

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
moon_blue69Commented:
It can be found from pwdLastSet attribute if there is anything older than 30 days in a native environment then it can be seen as inactive I do not know if u can bring up in the property sheet.

for users from the resource kit this file did the job acctinfo.dll

But I found this script interesting if it helps

http://www.rlmueller.net/MoveOldComputers.htm
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I usually look at LastLogin as the most reliable, but that isn't replicated between domain controllers.  LastLogon-Timestamp IS replicated, but can be two weeks old on any specific domain controller.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.