We help IT Professionals succeed at work.

Find AD accounts that never logged in

I use this ability to find when accounts have logged in last.

In my 2003 Domain, I can go into ADUC, right-click on Saved Queries", select NEW -> QUERY, give it a name and description, select a point in my AD tree for the query to run, click "Define Query" and select 180 in the "Days since last logon" dropdown.

What the above doesn't do is show you accounts that have never been logged in. that the addt info tab still shows password needs set during first log in.

Is there a good LDAP query that can be ran to show users that have never logged in or a query that already exist ??
Comment
Watch Question

Commented:
dsquery user -inactive 24

Note query is in weeks instead of days

Author

Commented:
but this is a set amount of days, how do i do the search for users that have never logged in
CERTIFIED EXPERT
Top Expert 2013
Commented:
You can use

(objectcategory=person)(objectclass=user)(!lastlogontimestamp=*)


You can take the not (!) out if you want to see all users that have logged on.

Thanks

Mike

Author

Commented:
This is exactly what i was looking for, Thanks !!