Re: Need last logon time and account creation.

Thanks for the information ---

What would be the best and easiest way to get the following information
User ID
Name (First and Last)
Is the account Disabled
Time account was created.
Last login (Time stamp (both date and Time)
Last logoff (Time stamp (both date and Time)





"Richard Mueller [MVP]" wrote:

The script is too long to analyze, but the first step would be to figure out
which is line 158. That's hard for use do to the word wrapping that happens
when you paste code in messages. I think the line is:

set obj=GetObject(concat)

which would indicate that the value assigned to concat is invalid. A few
lines before include:

Set oRoot = GetObject("LDAP://RootDSE";)
'strDomain = oRoot.Get("DefaultNamingContext")
strDomain = DomainName

concat="LDAP://OU=Domain Controllers," & strDomain

and I find that the variable DomainName is assigned here:

DomainName = "dc=" & wscript.arguments(0) & ",dc=dk"

If the "set obj" statement is raising the error, have the script echo the
value of concat to see if it is valid.

--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--

"Rob" <Rob@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4A4FB5B2-392C-4C69-A478-C27AEE3765E3@xxxxxxxxxxxxxxxx
I pulled a last logon script from the internet, and i cant figure out why i
am getting the specified error:

(158, 5) (null): A referral was returned from the
server.

I want to retrieve, last logon, user id, accounts disabled and when
account
was created.

I thought it was the LDAP:\\ query and tried putting in dc =xyz,dc=local
But that didnt work either.

script pulled from internet below:

'
' File: AllUsersLastLogon.vbs
' DESCRIPTION:
' * User-ID
' * Last Logon server
' * Date and Time of last logon
' * Logon older than 30 days
' * Has never logged on at all.
' * Account Disabled
' * Account created at
' * Flag error Code
' * Users Full name
' * OU path
' * LDAP path
' * Special Error codes
Option Explicit
Dim DomainName, DomainName2, strDN, concat, obj
Dim objExcel, ws, WriteFile, WriteFilePath
Dim oConnection, oCommand, oRoot, strDomain
Dim strPath, strQuery, oResults, sPosition
Dim CRLF
Dim FolderPath
Dim fso, WshShell
Dim User, DC, ShowResult
Dim Pos1, Pos2, Pos3, Pos4, Pos5, Pos6
Dim OldYearTime, OldYearTimeLen, DateTimeCounter
Dim NewYearTime, NewYear, OldYear, CompareYear, NewYearVal, OldYearVal
Dim NewDate, NewDateTime, NewMonth, OldDate, OldDateTime, OldMonth,
NewDay,
NewDayVal, OldDay, OldDayVal
Dim NewTime, NewTimeVal, OldTime, OldTimeVal
Dim LogonDC, intButton
Dim i, x, c, DomainObj, UserObj
Dim UserLastLogonArray()
Dim MyArraySize
Dim MyDateAndTimePos, MyPeriodPos, a, MessageVal
Dim Flag, CodeAccDis, Code
Dim DCName, UserInDomain, DomainString, userName, iElement, UserVal
Dim strWhenCreated, objUser, DateTimeVal
Dim Users30DaysNo
Dim UserInDomainNo
Dim UsersNoLogonNo
Dim AccountDisNo, FileTime, ExcelPath, NoLastLoginCounter,
UserNeverLoggedOn

NoLastLoginCounter = 0
UserNeverLoggedOn = False
FileTime = Timer
AccountDisNo = 0
UsersNoLogonNo = 0
Users30DaysNo = 0
UserInDomainNo = 0
MessageVal = 0
DateTimeCounter = 0
OldYearTime = 1
FolderPath = "C:\Temp"
WriteFilePath = "C:\Temp\WriteAllUsersLastLogon"
c = 2
DateTimeVal = Date & " " & Time

'*******************************************************************************************
' Preliminary work and functions
'*******************************************************************************************

Set WshShell = Wscript.CreateObject("WScript.shell")
Set fso = CreateObject("Scripting.FileSystemObject")

Function ControlSyntax()
if wscript.arguments.count <> 1 Then
wscript.echo "Syntax error. Usage: cscript badauths.vbs loginname"
wscript.quit (5555)
end If
DomainName = "dc=" & wscript.arguments(0) & ",dc=dk"
DomainName2 = wscript.arguments(0) & ".dk"
End function

'Creates the folder if necssesary
Function MakeFolder()
If Not fso.FolderExists (FolderPath) then
fso.CreateFolder ("C:\Temp")
End If
End Function

'Creates the file if necssesary, and writes the headers of the rows
Function MakeFile()

If (fso.FileExists(WriteFilePath + ".htm")) Then
fso.DeleteFile(WriteFilePath + ".htm")
End If
Set WriteFile = fso.OpenTextFile(WriteFilePath & "_" & FileTime &
".htm", 8, true, -2)
WriteFile.Write "<html>" & vbCRLf & "<head>" & vbCRLf
WriteFile.Write "<link rel='style***' TYPE='text/css'
HREF='http://dkweb:12345/css/default.css'>" & vbCRLf
WriteFile.Write "</head>" & vbCRLf & "<body bgcolor='#98FB98'>" &
vbCRLf

WriteFile.Write "<script language='vbscript'>" & vbCRLf
WriteFile.Write "Set WShell = CreateObject(" & chr(34)& "WScript.Shell"
& chr(34) & ")" & vbCRLf
WriteFile.Write "</script>" & vbCRLf

WriteFile.Write "<h1 class='H4'>User last logon was ...</h1>" & vbCRLf
WriteFile.Write "<hr color='#6B8E23' width='100%'><br>" & vbCRLf
WriteFile.Write "<font class='LogText'>Script startet at " & Date & " "
& Time & vbCRLf
WriteFile.Write "<br><hr color='#6B8E23' width='100%'><br><font
class='LogText'>" & vbCRLf
WriteFile.Write "<br><br><h3>STATUS:" & vbCRLf & vbCRLf

Set objExcel = WScript.CreateObject("EXCEL.application")
objExcel.Visible = True
objExcel.Workbooks.Add
Set ws = objExcel.Worksheets(1)
objExcel.Active***.Name = "Last Logon"
ws.Cells(1,1).Value = "User-ID"
ws.Columns(1).ColumnWidth = 15
ws.Cells(1,2).Value = "Last logged on Server"
ws.Columns(2).ColumnWidth = 20
ws.Cells(1,3).Value = "At date and time"
ws.Columns(3).ColumnWidth = 20
ws.Cells(1,4).Value = "Older than 30 days"
ws.Columns(4).ColumnWidth = 25
ws.Cells(1,5).Value = "Has Never Logged On"
ws.Columns(5).ColumnWidth = 25
ws.Cells(1,6).Value = "Account Disabled"
ws.Columns(6).ColumnWidth = 20
ws.Cells(1,7).Value = "Account Created at"
ws.Columns(7).ColumnWidth = 18
ws.Cells(1,8).Value = "Flag Error Code"
ws.Columns(8).ColumnWidth = 15
ws.Cells(1,9).Value = "Users Full Name"
ws.Columns(9).ColumnWidth = 35
ws.Cells(1,10).Value = "OU path"
ws.Columns(10).ColumnWidth = 30
ws.Cells(1,11).Value = "LDAP path"
ws.Columns(11).ColumnWidth = 70
ws.Cells(1,12).Value = "Special Error codes"
ws.Columns(12).ColumnWidth = 20
objExcel.Range("A1:L1").Select
objExcel.Selection.Font.Bold = True
objExcel.Selection.Interior.ColorIndex = 5
objExcel.Selection.Interior.Pattern = 2
objExcel.Selection.Font.ColorIndex = 2
objExcel.Active***.Range("A1").Activate
ws.Cells(1,1).Select
intButton = WshShell.Popup("Working, please wait...", , "Working !",
64)
End Function

'*******************************************************************************************
' Get All Users for all DC's
'*******************************************************************************************

Function GetDCforDomain()
Set oConnection = CreateObject("ADODB.Connection")
Set oCommand = CreateObject("ADODB.Command")
oConnection.Provider = "ADsDSOObject"
oConnection.Open = "Active Directory Provider"
Set oCommand.ActiveConnection = oConnection

Set oRoot = GetObject("LDAP://RootDSE";)
'strDomain = oRoot.Get("DefaultNamingContext")
strDomain = DomainName

concat="LDAP://OU=Domain Controllers," & strDomain
'OU for Domain Controllers
set obj=GetObject(concat)

For Each DCName In obj
UserInDomainNo = UserInDomainNo + 1
Next

For Each DCName In obj
UserInDomain = DCName.name
Exit For
Next
ForAllUsers()
End Function

Function ForAllUsers()
Set DomainObj = GetObject("WinNT://" & DomainName2)
DomainObj.Filter = Array("user")
' List all users
For Each UserObj In DomainObj
userName = UserObj.Name
GetUserLastLogon()
NoGo = 0
'If c = 40 Then
'If you only want to check a specific number of users for a start
'Exit Function
'then undo the remark and type the number of users you want to check
'End If
Next
End Function

'*******************************************************************************************
' Get All Users LastLogin for all DC's
'*******************************************************************************************

Dim UsersOU, UserFullName, MyPos1, MyPos2, TopOU, SearchName, BadSymbol
Dim counter, BadName, NoGo, UserGotNoOU
counter = 0
NoGo = 0

Function GetUserLastLogon()
'Check all users LastLogin at all DC's
i = 2
x = 0
For Each DCName In obj
'For each DC in DC-collection, go check ...
strQuery = "SELECT distinguishedName, AdsPath, ou FROM 'LDAP://"; &
strDomain & "'WHERE sAMAccountName = '" & userName & "'"
oCommand.CommandText = strQuery
Set oResults = oCommand.Execute
strDN = oResults.Fields("distinguishedName")
strPath = DCName.name & "." & DomainName2 & "/" & strDN

'Remove the initial CN= from the distinguished name, put it back in
strPath.
sPosition = InStr(1, strPath, "=", 1)
strPath = Mid(strPath, sPosition +1)

Pos1 = InStr (1,strPath,"/",1)
DC = Left (strPath, (Pos1 -1))

Set User = GetObject("WinNT://" & DC & "/" & userName & ",user")
'userName = User-ID

UsersOU = oResults.Fields("AdsPath")
UserFullName = User.FullName

'-------- Checking validity of users FullName and OU membership
--------

MyPos1 = ""
MyPos2 = ""
UserGotNoOU = False
MyPos1 = InStr (4, UsersOU, "OU=", 1)

If MyPos1 = 0 Then
'If user is not a member of a manually created OU,
then
... (ex. member of default OU Users)
UserGotNoOU = True
MyPos1 = InStr (9, UsersOU, "CN=", 1)
'Search for the next 'CN=' in the AdsPath
MyPos2 = InStr (MyPos1, UsersOU, "DC=", 1)
TopOU = Mid (UsersOU, (MyPos1+3), ((MyPos2-1)-(MyPos1+3)))
'Gets a default OU, ex. OU=Users (It's really called
CN=Users)
Else
MyPos2 = InStr (MyPos1, UsersOU, "DC=", 1)
'Capture the users OU
TopOU = Mid (UsersOU, (MyPos1+3), ((MyPos2-1)-(MyPos1+3)))
.

Loading