• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 439
  • Last Modified:

Last User/Computer Domain Logon AD


I seem to remember doing similar for someone ages ago with 2003, but I cant remember how I did it.

It was some kind of AD addin that showed an extra tab in ADUC, which showed the last time a user logged on.

This time I am specifically after the time a computer last had domain contact, as I want to clean some lists up for old PC's etc.

Needs to be free and needs to support 2003 and 2008.
  • 2
1 Solution
Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I assume you mean these instructions?
which should work in windows 2008 environments too.. but just in case you are using the 64 bit os... there is more information here:
It can be found from pwdLastSet attribute if there is anything older than 30 days in a native environment then it can be seen as inactive I do not know if u can bring up in the property sheet.

for users from the resource kit this file did the job acctinfo.dll

But I found this script interesting if it helps

Rich WeisslerProfessional Troublemaker^h^h^h^h^hshooterCommented:
I usually look at LastLogin as the most reliable, but that isn't replicated between domain controllers.  LastLogon-Timestamp IS replicated, but can be two weeks old on any specific domain controller.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now