Last User/Computer Domain Logon AD

Posted on 2011-10-04
Last Modified: 2012-05-12

I seem to remember doing similar for someone ages ago with 2003, but I cant remember how I did it.

It was some kind of AD addin that showed an extra tab in ADUC, which showed the last time a user logged on.

This time I am specifically after the time a computer last had domain contact, as I want to clean some lists up for old PC's etc.

Needs to be free and needs to support 2003 and 2008.
Question by:hongedit
    LVL 29

    Accepted Solution

    I assume you mean these instructions?
    which should work in windows 2008 environments too.. but just in case you are using the 64 bit os... there is more information here:
    LVL 10

    Expert Comment

    It can be found from pwdLastSet attribute if there is anything older than 30 days in a native environment then it can be seen as inactive I do not know if u can bring up in the property sheet.

    for users from the resource kit this file did the job acctinfo.dll

    But I found this script interesting if it helps
    LVL 29

    Expert Comment

    by:Rich Weissler
    I usually look at LastLogin as the most reliable, but that isn't replicated between domain controllers.  LastLogon-Timestamp IS replicated, but can be two weeks old on any specific domain controller.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    There are two modes of restricted groups GPOs. Replacing mode:   Additive mode:   How do they work? Replacing mode: Everything (users, groups, computers) that is member of the local administrators group will be cleared out. After th…
    This is my first article in EE and english is not my mother tongue so any comments you have or any corrections you would like to make, please feel free to speak up :) For those of you working with AD, you already are very familiar with the classi…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now