Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 449
  • Last Modified:

Last logon date/time of disabled Windows & Linux accounts

For our User accounts audit, audit requested for last logon / used
date and time of disabled accounts (for both local & domain accounts).

We have mainly Windows 2008 R2 & Linux (RHEL 5.x/6.x and Suse).

Without enabling back the accounts, I can't get the last logon date/time
of disabled accounts  using Windows wmic and Linux "last" & "lastlog"
commands.

Q1:
Is there any other way to get this last logon information?

Q2:
For accounts that are used by services/apps like Oracle
& VMWare SA converter as well as Linux accounts that
we 'sudo' only, I also can't get last logon/used info?
Any way to get it?
0
sunhux
Asked:
sunhux
  • 2
  • 2
3 Solutions
 
Emmanuel AdebayoGlobal Windows Infrastructure Engineer - ConsultantCommented:
For Windows, you can use the powershell  Get-ADuser as in the assist I provided earlier from the link below.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_28468668.html

I'm not Linux based, I know as expert will respond shortly.

Regards
0
 
sunhuxAuthor Commented:
That's for AD/domain account.  What about Windows local accounts.

To the Linux experts, do reply on Linux accounts, thanks
0
 
Seth SimmonsSr. Systems AdministratorCommented:
why can't you use last or lastlog?
any errors?

doing sudo /usr/bin/last or sudo /usr/bin/lastlog yields what?
0
 
sunhuxAuthor Commented:
It just says "*** Logon information not available ***"
(even when issued using sudo or root)
0
 
Seth SimmonsSr. Systems AdministratorCommented:
maybe someone overwrote the file?
what you are doing is correct; message means there is nothing there in the log to show
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now