Re: Last Logon Time Stamp
- From: "Richard Mueller [MVP]" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 2 Jun 2005 11:33:43 -0500
Larry Lim wrote:
> I am new to script.
> I need to list out inactive accounts more than 90 days in both AD accounts
> and Exchange accounts. As some users do not join the domain but still uses
> the Exchange via Outlook. Am I right to say that domain users account and
> Exchange accounts are authenticate by the Active Directory Database?
> I saw this from the Script Center and think this should be only for 1
user.
>
> Is it possible to use this script to query the Active Directory for all
> users? I have a total of 8000 users which is quite impossible to query 1
by
> 1.
> Set objUser = GetObject("LDAP://cn=Ken Myer, ou=Finance, dc=fabrikam,
> dc=com")
> Set objLastLogon = objUser.Get("lastLogonTimestamp")
>
> intLastLogonTime = objLastLogon.HighPart * (2^32) + objLastLogon.LowPart
> intLastLogonTime = intLastLogonTime / (60 * 10000000)
> intLastLogonTime = intLastLogonTime / 1440
>
> Wscript.Echo "Last logon time: " & intLastLogonTime + #1/1/1601#
> What statement must I add to this script to let it check all the users in
> the domain?Please advise.Thanks and Regards.Larry
Hi,
Use ADO to retrieve lastLogonTimeStamp for all users. See this link for help
using ADO:
http://www.rlmueller.net/ADOSearchTips.htm
And here is a sample program that retrieves the distinguishedName for all
users:
http://www.rlmueller.net/Create%20User%20List%202.htm
You can modify this to retrieve both distinguishedName and
lastLogonTimeStamp. Just add to the comma delimited list of attributes. For
example use:
strQuery = "<LDAP://"; & strDNSDomain & ">;" & strFilter _
& ";distinguishedName,lastLogonTimeStamp;subtree"
Then, in the loop that enumerates the resulting recordset retrieve both
values:
' Enumerate all users. Write each user's Distinguished Name to the file.
Set objRecordSet = objCommand.Execute
Do Until objRecordSet.EOF
strDN = objRecordSet.Fields("distinguishedName")
lngDate = objRecordset.Fields("lastLogonTimeStamp")
On Error Resume Next
Set objDate = lngDate
If (Err.Number <> 0) Then
On Error GoTo 0
dtmDate = #1/1/1601#
Else
On Error GoTo 0
lngHigh = objDate.HighPart
lngLow = objDate.LowPart
If (lngLow < 0) Then
lngHigh = lngHigh + 1
End If
If (lngHigh = 0) And (lngLow = 0) then
dtmDate = #1/1/1601#
Else
dtmDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _
+ lngLow)/600000000 - lngBias)/1440
End If
End If
objFile.WriteLine strDN & ": " & CStr(dtmDate)
objRecordSet.MoveNext
Loop
You can also echo to the console and redirect the output to a text file. If
desired, you could retrieve sAMAccountName (the NT name, also called the
"pre-Windows 2000 logon name") instead of distinguishedName.
Note that my conversion is a little different from yours. There is a bug in
the IADsLargeInteger interface (which provides the HighPart and LowPart
methods). I have extra code to correct for this. Also, I adjust by the time
zone bias (lngBias in my snippet). Both of these adjustments could be
ignored in your case, as they amount to a few hours and you are worried
about days. Still, for details, see:
http://www.rlmueller.net/Integer8Attributes.htm
Since lastLogonTimeStamp is in UTC (Coordinated Universal Time), I correct
for the local time zone bias, which I read from the local machine registry.
lngBias is in minutes.
--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab web site - http://www.rlmueller.net
--
.
- References:
- Last Logon Time Stamp
- From: Larry Lim
- Last Logon Time Stamp
- Prev by Date: RE: populate group from LDAP query
- Next by Date: RE: populate group from LDAP query
- Previous by thread: Last Logon Time Stamp
- Next by thread: re:Last Logon Time Stamp
- Index(es):
Relevant Pages
|
Loading
