I use this ability to find when accounts have logged in last.
In my 2003 Domain, I can go into ADUC, right-click on Saved Queries", select NEW -> QUERY, give it a name and description, select a point in my AD tree for the query to run, click "Define Query" and select 180 in the "Days since last logon" dropdown.
What the above doesn't do is show you accounts that have never been logged in. that the addt info tab still shows password needs set during first log in.
Is there a good LDAP query that can be ran to show users that have never logged in or a query that already exist ??