Re: AD/E2K Last User Logon Question


From: Deji Akomolafe (deji_at_REMOVEPADDINGakomolafedotcom)
Date: 09/24/04

    Date: Fri, 24 Sep 2004 00:59:02 -0700
    
    

    It's not a bug, it's a "feature" ;)

    In Win2K, the lastlogon is not replicated among all the DCs, so you will get
    different results depending on which DC you query for that value. You will
    need to aggregate the results to find the most current, and that will most
    likely be the real lastlogon. There are vbscripts that will do this
    aggregation for you: http://www.rlmueller.net/freecode4.htm

    I have also just read that Hyena's Reporter will do the aggregation for you.
    I haven't had time to test it out yet.

    As for Win2K3, this "feature" has now been "improved". The lastlogon is now
    replicated among the DCs and is aggregated as lastlogontimestamp. So, if you
    want to see the TRUE lastlogon time for a user, you will need to query for
    that attribute instead of simply looking for "lastlogon".

    -- 
    Sincerely,
    Dèjì Akómöláfé, MCSE MCSA MCP+I
    Microsoft MVP - Directory Services
    www.readymaids.com - COMPLETE SPAM Protection
    www.akomolafe.com
    Do you now realize that Today is the Tomorrow you were worried about
    Yesterday?  -anon
    "Frank" <frank_guzowski@hotmail.com> wrote in message
    news:27cc01c4a19b$1cfc5c00$a601280a@phx.gbl...
    > BACKGROUND:
    >
    > Current Infrastructure
    >
    > AD 2003 Forest and 2003 Domain
    >
    > 1 Windows 2000 Child Domain
    >
    > Trust with 1 NT4.0 domain
    >
    > Exchange 2000 Native mode (OWA Enabled inside and external
    > to company)
    >
    > Outlook 2002 clients
    >
    >
    >
    > Overview:
    >
    > We are currently attempting to clean up our AD GAL and
    > user accounts. We have run 3 different tools to show us
    > last logon date for each user account:
    >
    >
    >
    > System tools- Hyena
    >
    > http://www.systemtools.com/
    >
    >
    >
    > System Tools- DumpSec
    >
    > http://www.systemtools.com/somarsoft/
    >
    >
    >
    > Windows resource Kit Tool
    >
    > Usrstat
    >
    >
    >
    > Problem:
    >
    > All the tools show the same user information for last
    > logon. They all query all the DC/GC and look for
    > last "True Logon". When run against our 3 DC's separately,
    > they show different times for last logon.
    >
    >
    >
    > QUESTION 1:
    >
    > Why doesn't the last logon show the same for all DC's?
    >
    >
    >
    > Example-          DC1- Last logon 06-27-04
    >
    >                         DC2- Last logon 03-15-04
    >
    >                         DC3- Last logon Never
    >
    > When you pull true last logon using the tools it does show
    > the 06-27-04 but again, why is it different. If it is a
    > single AD and there is replication (which is not failing-
    > checked with ReplMon) shouldn't last logon show for all
    > DC's the same?
    >
    >
    >
    > QUESTION 2:
    >
    > Building off of Question 1--- We know that some of the
    > data is incorrect. We have users logging into AD to use
    > Exchange 2000. It is not their default logon domain. The
    > NT4.0 trusted one is. (In most cases). The dates above
    > show for a current user in our organization. I know the
    > data is not correct because the user works in the same
    > building and had signed into AD/Exchange to use mail all
    > this week.
    >
    >
    >
    > Is this a possible bug with AD? Any hot fixes we should
    > check? Could there be a problem with the Trust if user
    > ID's and passwords are the same?
    >
    >
    >
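
The aggregation described in the reply above, as an added example that is not part of the original thread or of the linked scripts: it takes the raw `lastLogon` value read from each DC, converts it to a date, and keeps the newest one for an account clean-up decision. It assumes `lastLogon` is a 64-bit count of 100-nanosecond intervals since 1601-01-01 UTC with 0 meaning "never"; the DC names, sample values, helper names and the 90-day threshold are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# lastLogon is an Integer8 value: 100-ns ticks since 1601-01-01 UTC.
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)


def filetime_to_datetime(value):
    """Convert a raw lastLogon value to UTC; 0 or a missing value means 'never'."""
    if not value:
        return None
    return EPOCH_1601 + timedelta(microseconds=int(value) // 10)


def datetime_to_filetime(dt):
    """Inverse conversion, used here only to build the constructed sample."""
    return ((dt - EPOCH_1601) // timedelta(microseconds=1)) * 10


def true_last_logon(per_dc):
    """per_dc maps DC name -> raw lastLogon read from that DC.
    Returns (dc_name, datetime) for the newest value, or (None, None)
    if no DC has ever recorded a logon for the account."""
    best_dc, best = None, None
    for dc, raw in per_dc.items():
        when = filetime_to_datetime(raw)
        if when is not None and (best is None or when > best):
            best_dc, best = dc, when
    return best_dc, best


def is_stale(per_dc, now, max_idle_days=90):
    """Clean-up decision based on the aggregated value, never on a single DC."""
    _, last = true_last_logon(per_dc)
    return last is None or now - last > timedelta(days=max_idle_days)


# Constructed sample mirroring the three answers in the question.
SAMPLE = {
    "DC1": datetime_to_filetime(datetime(2004, 6, 27, 14, 30, tzinfo=timezone.utc)),
    "DC2": datetime_to_filetime(datetime(2004, 3, 15, 9, 5, tzinfo=timezone.utc)),
    "DC3": 0,  # this DC never authenticated the user
}

if __name__ == "__main__":
    dc, when = true_last_logon(SAMPLE)
    print(f"true last logon: {when:%Y-%m-%d %H:%M} UTC (recorded on {dc})")
    print("stale on 2004-09-24:", is_stale(SAMPLE, datetime(2004, 9, 24, tzinfo=timezone.utc)))
```

Judged on DC3's answer alone, the sample account would look never-used and be a candidate for deletion, which is why the per-DC values have to be collected before any clean-up.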
    
