?
Solved

What triggers AD "last AD logon"

Posted on 2014-12-02
5
Medium Priority
?
175 Views
Last Modified: 2014-12-18
We have users that have their accounts supposedly disabled once they leave the company, but checking their last logon in AD shows the date, days and weeks after they leave the company.

Does accessing your exchange email show as an AD logon?

Does access exchange email using smartphone show as AD logon?

thanks
0
Comment
Question by:rdefino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 11

Expert Comment

by:sumeshbnr
ID: 40477757
Most probably Yes because exchange uses AD to authenticate the user .But I am doubting how do access the mail if the users account is disabled.
0
 
LVL 79

Accepted Solution

by:
arnold earned 2000 total points
ID: 40477761
Any Ad authentication is sent to the DC that updates the event.
Based on your question "disabled" means password changed? Or supposedly means someone should have, but not clear when this step to actually disable the account was undertaken?

If you aggregate your DCs security log, you can query it to identify the source and type of AUTH requests received for this user.
0
 
LVL 5

Expert Comment

by:A Karelin
ID: 40477820
supposedly disabled or disabled or not?
0
 
LVL 25

Expert Comment

by:NVIT
ID: 40477935
I think the OP means the account is disabled but AD (where is this shown?) still shows logon dates occurring.
0
 
LVL 5

Expert Comment

by:A Karelin
ID: 40477949
What attribute did you check? LastLogonTimeStamp or LastLogon.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
Suggested Courses
Course of the Month10 days, 2 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question