[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

get-aduser and get-adcomputer lastLogon and LastLogonDate

Posted on 2016-11-25
3
Medium Priority
?
612 Views
Last Modified: 2016-11-25
if you run ad cmdlets to get all attributes about adusers and adcomputers, it returns 2 field, lastlogon and lastlogondate.

lastlogon never seems to contain a valid date, whereas lastlogondate does. However, how accurate are these commands. If you run them directly from a domain controller - is this representing the last time the user or computer logged into the domain via that specific domain controller, or is it a reflective lastlogondate over any domain controller?

If it is per domain controller - how can you get an accurate lastlogondate over any domain controller in the domain, as this info could be misleading? I prefer to use the ad cmdlets rather than anything else.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
Andy earned 2000 total points
ID: 41901608
Hi,
The information will be from the DC you're connected to when you logon.
To do it for all DC's you'd need to have a line for each DC specifying that DC.

If the user(s) is(are) in a site with 2 DC's then they'll use one of those 2 local DC's
0
 
LVL 3

Author Comment

by:pma111
ID: 41901616
is the lastLogontimeStamp replicated, so you can rely on that rather than having to run multiple reports and analyse lots of reports (one per DC).
0
 
LVL 7

Expert Comment

by:Andy
ID: 41901618
It should be correct as per the latest DC sync.
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question