Re: AD Last User Logon Question

From: Joe Richards [MVP] (humorexpress_at_hotmail.com)
Date: 09/24/04


Date: Fri, 24 Sep 2004 12:57:42 -0400

lastLogon is NOT EVER replicated no matter what forest functional mode you are in.

There is a new attribute called lastLogonTimeStamp that is replicated when you
get to the right mode. That attribute does not show up-to-date values; they can
be up to, I think, 10 days off. You can modify that latency time but unless you
have a very centralized directory with lots of horsepower or very few users I
don't recommend changing it. The concept behind that attribute is to show
accounts that are in use within a couple of weeks, not show who logged on today.

That being said, when you scan all DCs, do you catch lastLogon for these users
using Exchange?

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
Frank wrote:
> Exchange 2000 Native mode tied to AD domain 2003 that
> users are only using to access mail. The concern is that
> we know the users are logging into mail, yet the DC/GC
> shows older dates and times.
> In forest and domain functional level 2003, last logon is
> replicated. We are currently domain functional level 2003,
> not forest.
> 
>>-----Original Message-----
>>1. Last logon is not a replicated attribute, it is unique to every DC. This was
>>done on purpose. My last forest I managed had 250k users. Replicating last logon
>>attributes would have killed my directory.
>>
>>2. Is the exchange mailbox tied to the NT4 account or to an AD Account?
>>
>>--
>>Joe Richards Microsoft MVP Windows Server Directory Services
>>www.joeware.net
>>
>>
>>Frank wrote:
>>
>>>Overview:
>>>
>>>We are currently attempting to clean up our AD GAL and
>>>user accounts. We have run 3 different tools to show us
>>>last logon date for each user account:
>>>
>>>System tools- Hyena
>>>http://www.systemtools.com/
>>>System Tools- DumpSec
>>>http://www.systemtools.com/somarsoft/
>>>Windows resource Kit Tool
>>>Usrstat
>>>
>>>Problem:
>>>
>>>All the tools show the same user information for last
>>>logon. They all query all the DC/GC and look for
>>>last "True Logon". When run against our 3 DCs
>>>separately, they show different times for last logon.
>>>QUESTION 1:
>>>Why doesn't the last logon show the same for all DCs?
>>>Example-                DC1- Last logon 06-27-04
>>>                        DC2- Last logon 03-15-04
>>>                        DC3- Last logon Never
>>>
>>>When you pull true last logon using the tools it does show
>>>the 06-27-04 but again, why is it different. If it is a
>>>single AD and there is replication (which is not failing-
>>>checked with ReplMon) shouldn't last logon show for all
>>>DCs the same?
>>>
>>>QUESTION 2:
>>>
>>>Building off of Question 1--- We know that some of the
>>>data is incorrect. We have users logging into AD to use
>>>Exchange 2000. It is not their default logon domain. The
>>>NT4.0 trusted one is. (In most cases). The dates above
>>>show for a current user in our organization. I know the
>>>data is not correct because the user works in the same
>>>building and had signed into AD/Exchange to use mail all
>>>this week.
>>>
>>>Is this a possible bug with AD? Any hot fixes we should
>>>check? Could there be a problem with the Trust if user
>>>IDs and passwords are the same?
>>>

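The procedure Joe describes, scanning every DC for its own copy of lastLogon and keeping the newest value, as an added PowerShell example that is not part of the thread. It assumes the RSAT ActiveDirectory module is installed and the caller has read access to the domain; the account name 'jdoe' is a constructed placeholder. The function also returns the replicated lastLogonTimestamp next to the per-DC values so the two can be compared, and a second helper reads msDS-LogonTimeSyncInterval from the domain NC head, the attribute that controls how stale lastLogonTimestamp is allowed to get (14 days when it is not set), which is the latency Joe warns against lowering.

```powershell
# Added example, not part of the original thread. Assumes the RSAT
# ActiveDirectory PowerShell module and a domain account with read access.
Import-Module ActiveDirectory

# Convert an AD FILETIME (Int64, 100-ns intervals since 1601) to a local DateTime.
# 0 or absent means this DC has never validated a logon for the account,
# which is what the tools in the thread display as "Never".
function ConvertFrom-FileTime {
    param([Nullable[Int64]]$FileTime)
    if ($FileTime -and $FileTime -gt 0) { [DateTime]::FromFileTime($FileTime) } else { $null }
}

# Ask every DC in the domain for its own, never-replicated lastLogon and keep
# the newest one. lastLogonTimestamp is replicated, so any DC can supply it.
function Get-TrueLastLogon {
    param([Parameter(Mandatory)][string]$SamAccountName)

    $dcs = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName

    $perDc = foreach ($dc in $dcs) {
        try {
            $u = Get-ADUser -Identity $SamAccountName -Server $dc `
                 -Properties lastLogon, lastLogonTimestamp -ErrorAction Stop
            [pscustomobject]@{
                DC                 = $dc
                LastLogon          = ConvertFrom-FileTime $u.lastLogon
                LastLogonTimestamp = ConvertFrom-FileTime $u.lastLogonTimestamp
            }
        } catch {
            # An unreachable DC makes the answer incomplete; do not treat it as "Never".
            Write-Warning "Could not query ${dc}: $($_.Exception.Message)"
        }
    }

    $newest = $perDc | Where-Object { $_.LastLogon } |
              Sort-Object LastLogon -Descending | Select-Object -First 1

    [pscustomobject]@{
        User               = $SamAccountName
        TrueLastLogon      = if ($newest) { $newest.LastLogon } else { $null }
        ReportedBy         = if ($newest) { $newest.DC } else { $null }
        LastLogonTimestamp = ($perDc | Select-Object -First 1).LastLogonTimestamp
        PerDC              = $perDc
    }
}

# lastLogonTimestamp is only rewritten when the stored value is older than
# msDS-LogonTimeSyncInterval (days) on the domain NC head; unset means 14.
# A stale-account threshold should sit well above this number.
function Get-LogonTimeSyncIntervalDays {
    $domainDn = (Get-ADDomain).DistinguishedName
    $v = (Get-ADObject -Identity $domainDn -Properties 'msDS-LogonTimeSyncInterval').'msDS-LogonTimeSyncInterval'
    if ($v) { [int]$v } else { 14 }
}

# Usage (constructed account name; adjust to your environment):
$r = Get-TrueLastLogon -SamAccountName 'jdoe'
$r.PerDC | Format-Table DC, LastLogon, LastLogonTimestamp -AutoSize
"True last logon: $($r.TrueLastLogon) (recorded by $($r.ReportedBy))"
"lastLogonTimestamp sync interval: $(Get-LogonTimeSyncIntervalDays) days"
```

The per-DC table is the check to run before trusting any single tool's number: a DC that shows "Never" has simply never been the one that validated the account's credentials. A logon that is pass-through authenticated by an NT4 DC for a trusted-domain account is validated outside AD altogether and updates nothing on the AD user object, which is why Joe's question about which account the mailbox is tied to matters.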
