Re: Obtaining Last Logon Time for Domain User
- From: "Ace Fekay [MVP]" <PleaseSubstituteMyActualFirstName&LastNameHere@xxxxxxxxxxx>
- Date: Wed, 31 Aug 2005 22:27:51 -0400
In news:819ACD79-F8AC-47A5-AB1A-D30B411624BD@xxxxxxxxxxxxx,
mpallo <mpallo@xxxxxxxxxxxxxxxxxxxxxxxxx> made this post, which I then
commented about below:
> We are currently running a WIN 2000/2003 Active Directory
> environment. Today we had a situation where we needed to know the
> last time a user logged on to our domain. I assume there are
> numerous ways to do this. We are not auditing any of this activity
> via group policy.
>
> What is the quickest way to gain access to this info for a particular
> user?
>
> Thanks so much.
Here's are two older posts I combined that were posted by, and with their
blessings to repost their work, Matjaz Ladava and Jerold Schulman, both
depicting ways to do this. Read thru and you can determine the best method.
There may be other methods out there.
/start repost
---- Original Message ----
From: "Matjaz Ladava [MVP]" <matjaz@xxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.win2000.active_directory
Sent: Monday, July 07, 2003 1:27 PM
Subject: Re: Last time each NT account was accessed
> Beside what Jerold suguested, I have created a simple tool for
> querying lastLogon attribute in AD for User
> and Computer accounts. The purpose of this tool it, to get a list of
> User/Computer objects which are inactive for specific number of days.
> The tool queries all DC's on in the domain for object lastLogon
> attribute and displays it in the list with lastLogon date/time, days
> of inactivity, dn of the attribute and the server on which the object
> was last authenticated.
>
> The tool is written with C# in .NET framework 1.1, so you need .NET
> framework 1.1 to run this tool (you can get it from Windows Update).
>
> The tool doesn't have functionality for removing objects, but it
> could be added in the future.
>
> No need to say, that the tool is available free with source code for
> anyone to see and modify. If you have any question regarding this
> tool please feel free to ask.
>
> Download Link (executables only) :
> http://ladava.com/faq/uploads/ADInactiveObjects.zip
> Download Link (source code):
> http://ladava.com/faq/uploads/ADInactiveObjects_src.zip
>
> --
> Regards
>
> Matjaz Ladava, MCSE (NT4 & 2000), MVP
> matjaz@xxxxxxxxxx
> http://ladava.com
>
> "Jerold Schulman" <Jerry@xxxxxxxxxx> wrote in message
> news:l38jgvojqq57ks43j8k0suoe4gr40bt2e8@xxxxxxxxxx
>> On Mon, 7 Jul 2003 08:28:14 -0700, "ag" <agee@xxxxxxxxxxxxxxx> wrote:
>>
>>> Do you know of a utility which can find the last time each
>>> NT account was accessed or logged into? I know there was
>>> a utility for NT, but I would like to run it against my
>>> OU's in AD. I am trying to clean out old accounts.
>>>
>>> Thanks,
>>> ag
>>
>> You can use tip 3410 in the 'Tips & Tricks' at http://www.jsiinc.com
>> to interagate "Last logon" or you can simply script it in a batch
>> file: (I have assumed a date format of MM/DD/YYYY. The output is in
>> LastLogon.txt in the current folder. You run this from your
>> workstation.)
>>
>> @echo off
>> setlocal
>> if exist LastLogon.txt del /q LastLogon.txt
>> if exist LastLogon.tmp del /q LastLogon.tmp
>> for /f "Skip=6 Tokens=*" %%i in ('net user /domain') do set
>> line=%%i&call parse
>> sort /R LastLogon.tmp /O LastLogon.txt
>> del /q LastLogon.tmp
>> endlocal
>> goto :EOF
>>> strip
>> set short=%name%#
>> set short=%short: =%
>> set short=%short: #=#%
>> set short=%short:#=%
>> set user="%short%"
>> for /f "Skip=20 Tokens=*" %%j in ('net user %user% /domain') do set
>> work=%%j&call :LL
>> goto :EOF
>>> LL
>> if /i "%work:~0,10%" EQU "Last logon" goto yyyymmdd
>> goto :EOF
>>> yyyymmdd
>> set user=%user:"=%
>> if /i "%work:~29,5%" EQU "never" goto nvr
>> set dte=%work:~29,10%
>> set mm=%dte:~0,2%
>> set dd=%dte:~3,2%
>> set yy=%dte:~6,4%
>> @echo %yy%%mm%%dd% %user%>>LastLogon.tmp
>> goto :EOF
>>> nvr
>> @echo Never--- %user%>>LastLogon.tmp
>> goto :EOF
>>> parse
>> set name=%line:~0,25%
>> If /i "%name%" EQU "The command completed suc" goto :EOF
>> call :strip
>> set name=%line:~25,25%
>> if not "%name%" EQU "" call :strip
>> set name=%line:~50,25%
>> if not "%name%" EQU "" call :strip
>>
>>
>> Jerold Schulman
>> Windows: General MVP
>> JSI, Inc.
>> http://www.jsiinc.com
/end repost
--
Regards,
Ace
Please direct all replies ONLY to the Microsoft public newsgroups
so all can benefit.
This posting is provided "AS-IS" with no warranties or guarantees
and confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft Windows MVP - Windows Server - Directory Services
Infinite Diversities in Infinite Combinations.
=================================
.
- References:
- Obtaining Last Logon Time for Domain User
- From: mpallo
- Obtaining Last Logon Time for Domain User
- Prev by Date: re:Forgot login Password
- Next by Date: Re: Passwords are not being enforced to 5 char.
- Previous by thread: Obtaining Last Logon Time for Domain User
- Next by thread: Terminating replication to an ADAM instance
- Index(es):
Relevant Pages
|
