Re: Any way to tell if a user hasn't logged in for a set period of time?

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 02/08/05


Date: Tue, 8 Feb 2005 15:08:30 -0600

Herb is right [as usual]. If you have a Windows XP Pro computer in the
domain you can install the adminpak for Windows 2003 [download from MS] on
it and log on as a domain admin, so make sure the computer is secure, and use
the Active Directory command line tools to query for accounts that have not
logged on in a certain number of weeks. You will have to do such on each
domain controller with the /s switch to get a list of suspects. The problem
is that a user who has not logged on via a particular domain controller for
a long time may simply be using a different domain controller. So after you
get your list of suspects, you will need to run [ net user username ] on
each domain controller to see the last time the user logged on and if it
shows to be a long time on all domain controllers it is probably safe to
suspect that these users may no longer be there but you want to check with
personnel just in case they are on disability, military leave, or pregnancy
leave for instance.

You really should raise hell with the powers that be about the lack
of communication however. There may be better solutions if you check with
the scripting newsgroup or visit the Microsoft Scripting center. --- Steve

http://www.jsiinc.com/SUBO/tip7300/rh7330.htm -- dsquery.
http://www.microsoft.com/technet/scriptcenter/scripts/ad/default.mspx

"Herb Martin" <news@LearnQuick.com> wrote in message
news:u0C3ESgDFHA.392@TK2MSFTNGP14.phx.gbl...
> Apparently there was a Bug in Win2000 AD where the last
> logon time was never updated.
>
> You need Win2003 AD (and an advanced mode) for this
> I believe.
>
> --
> Herb Martin
>
>
> "Jacki Slough" <jslough@dortfcu.org> wrote in message
> news:#ZvD0tfDFHA.1932@TK2MSFTNGP14.phx.gbl...
>> Using Windows 2000 servers. We are having trouble in that we are not being
>> notified when staff quit or leave for other reasons. We would like to
>> remove their account from the network immediately. Is there a script that
>> will tell us if a user hasn't logged in within a certain time frame? Or is
>> there a way to disable an account if it hasn't been used in so many days?
>> Any other ideas are appreciated!
>>
>>
>
>
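
Added example, not part of the original posts: because each domain controller keeps its own last-logon value, the per-controller `net user` results described in the reply have to be merged before an account is treated as stale. The sketch below does that merge in Python; the controller names, user names, dates and the US-style date format are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample data: the "Last logon" line of `net user <name>` as
# captured on each domain controller. DC names, users and dates are made up.
SAMPLE = {
    "DC1": {"asmith": "Last logon                   11/3/2004 8:15 AM",
            "bjones": "Last logon                   Never",
            "cdoe":   "Last logon                   6/1/2004 9:00 AM"},
    "DC2": {"asmith": "Last logon                   2/7/2005 4:42 PM",
            "bjones": "Last logon                   Never",
            "cdoe":   "Last logon                   7/15/2004 1:30:05 PM"},
}

LINE = re.compile(r"^Last logon\s+(.+?)\s*$")
# Assumption: US locale output, with or without seconds.
FORMATS = ("%m/%d/%Y %I:%M %p", "%m/%d/%Y %I:%M:%S %p")

def parse_last_logon(line):
    """Return a datetime, or None for 'Never' (no logon recorded on that DC)."""
    m = LINE.match(line.strip())
    if not m:
        raise ValueError("not a 'Last logon' line: %r" % line)
    value = m.group(1)
    if value.lower() == "never":
        return None
    for fmt in FORMATS:
        try:
            return datetime.strptime(value, fmt)
        except ValueError:
            pass
    raise ValueError("unrecognised date format: %r" % value)

def latest_logons(per_dc):
    """Merge per-DC results: the real last logon is the newest value seen."""
    latest = {}
    for users in per_dc.values():
        for user, line in users.items():
            seen = parse_last_logon(line)
            latest.setdefault(user, None)
            if seen and (latest[user] is None or seen > latest[user]):
                latest[user] = seen
    return latest

def stale_accounts(per_dc, now, max_age_days):
    """Users with no logon on ANY controller within max_age_days of `now`."""
    cutoff = now - timedelta(days=max_age_days)
    return sorted(u for u, t in latest_logons(per_dc).items()
                  if t is None or t < cutoff)
```

With the sample data, `asmith` looks stale on DC1 alone but is cleared once DC2's value is merged in; the remaining names are the list to check with personnel.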


