?
Solved

last logon

Posted on 2011-10-04
18
Medium Priority
?
1,020 Views
Last Modified: 2012-05-12
please how can I know the last logon for a user in Active directory
thx
0
Comment
Question by:DRRAM
  • 7
  • 6
  • 2
  • +3
18 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36912748
Here is a script that gets you the last logon for the users.

http://gallery.technet.microsoft.com/scriptcenter/c69303e3-7978-4c5a-bf28-e55e9a71082c
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36912752
How mnay DCs do you have?

You can query the lastlogon attribnute on each DC using programs like ADFind or powershell

adfind -default -f "(&(objectcategory=person)(objectclass=user)" samaccountname,lastlogon

or query the lastlogontimestamp which is replicated every 9-14 days

adfind -default -f "(&(objectcategory=person)(objectclass=user)" samaccountname,lastlogontimestamp
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:DRRAM
ID: 36912798
dariusg
it is in power shell
is that you have another in vbs
or other idea or command
0
 

Author Comment

by:DRRAM
ID: 36912909

KenMcF

does not work


ldap_get_next_page_s: [WIN-72DPOQ5V76I.ent.fr] Error 0x57 (87) - Erreur de filtr
e


0 Objects returned
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 36912924
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 36912933
Or a great toolset that can be purchased for not much money. Every sysadmin should have a copy!

http://www.dovestones.com/products/True_Last_Logon.asp
Thats one of the tools in the toolset

The full toolset is at http://www.dovestones.com/products/active-directory-tools.asp

$199US
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36912970
forgot a )


adfind -default -f "(&(objectcategory=person)(objectclass=user))" samaccountname,lastlogon

there is also a swithc to decode the timestamp

-tdcs
0
 

Author Comment

by:DRRAM
ID: 36913181
KenMcF
""adfind -default -f "(&(objectcategory=person)(objectclass=user))" samaccountname,lastlogon"""

it not give me the date and duration of the last logon ..????
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36913347
sorry do not use the comma

adfind -default -f "(&(objectcategory=person)(objectclass=user))" samaccountname lastlogon -tdcs
0
 

Author Comment

by:DRRAM
ID: 36913492
KenMcF:

very well
and if I well clarify that the users not connect from 180 days
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36913541
You can use ADFind for that but I think another one of joes tools is easier to use for this, oldcomp

here is an ADFind example
http://blog.joeware.net/2008/11/28/1517/


Oldcmp.exe –report –users –age 180 –llts
0
 

Author Comment

by:DRRAM
ID: 36913632
OldCmp V01.05.00cpp Joe Richards (joe@joeware.net) December 2004

ERROR: No action options specified.
ERROR: Please specify one of the following:
ERROR:      /report
ERROR:      /disable
ERROR:      /delete


Type oldcmp /help or oldcmp /? for usage assistance.
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36913752
try

Oldcmp.exe /report /users /age 180 -llts
0
 

Author Comment

by:DRRAM
ID: 36913856
age 180 ?????
0
 
LVL 27

Expert Comment

by:KenMcF
ID: 36913880
From the help file

 -age x         Min Days Old for password age.  (Default 90 days)

 -llts          If K3 domain in Domain Functional mode uses
                lastLogonTimeStamp instead of pwdLastSet for age options.
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 2000 total points
ID: 36914445
You can use third party software True Last Logon 2.9.You can export the file in excel for report creation.You can use the trial version this will achieve what you are looking for.

True Last Logon displays the following Active Directory information:
--Users real name and logon name
--Detailed account status
--Last Logon Date & Time
--Last Logon Timestamp (Replicated value)
--Account Expiry Date & Time
--Enabled or Disabled Account
--Locked Accounts
--Password Expires
--Password Last Set Date & Time
--Logon Count
--Bad Password Count
--Expiry Date
--You can also query for any other attribute (Example: Description, telephone Number, custom attibutes etc)

Refer the below link for trial version:
http://www.dovestones.com/products/True_Last_Logon.asp
0
 

Author Closing Comment

by:DRRAM
ID: 36914986
THX
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question