Since I'd hate for the "scripties" ;-) to be left out, here is another way to get the list of DCs for a domain using VBScript:
http://www.rallenhome.com/books/adcookbook/source/03/3.09-finding_dcs.vbs.tx t Robbie Allen > -----Original Message----- > From: Glenn Corbett [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 06, 2003 10:50 PM > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] LDAP & LastLogin for Computers > > > LDAP & LastLogin for ComputersThanks hunter. > > here is some code to determine all DC's in the AD domain (so > you dont need > to hardcode the DC server list). It doesnt take into account > the relative > site topology. This routine basically returns a collection of > DC's, with the > server name, and FQDN of the server. Can be simplified to > only return the > name or FQDN, which means the return collection can be just > strings, not a > collection of classes (easier to handle in script), or just > tap into the > While..Not loop and do your processing. > > Glenn > > (Sorry to the scripties, its in VB.NET - and the formatting, > damn OLE doesnt > paste code very well) > > Public Class ServerColl > Public ServerName As String > Public LDAPPath As String > End Class > > Public Function GetDomainDCs() As Collection > 'General Description: > 'This function returns a Collection of ServerColl objects for all > ' domain controllers in the current domain > ' > 'Input Values: > ' None > ' > 'Output Values: > ' Collection of ServerColl objects > Dim RetCol As New Collection() > Dim oRootDSE > Dim strConfigNC As String > Dim strQuery As String > Dim oConnection > Dim oCmd > Dim oRecordSet > Dim oParent > Dim ServerRec As ServerColl > ' Get the Configuration Naming Context > oRootDSE = GetObject("LDAP://RootDSE";) > strConfigNC = oRootDSE.Get("configurationNamingContext") > ' Set up the oConnection > oConnection = CreateObject("ADODB.Connection") > oConnection.Provider = "ADsDSOObject" > oConnection.Open("ADs Provider") > ' Build the query to find all DC Records > strQuery = "<LDAP://"; & strConfigNC & > ">;(objectClass=nTDSDSA);ADsPath;subtree" > oCmd = CreateObject("ADODB.Command") > oCmd.ActiveConnection = oConnection > oCmd.CommandText = strQuery > oRecordSet = oCmd.Execute > ' Iterate through the results > If oRecordSet.Eof And oRecordSet.Bof Then > 'Errrr....couldnt find any DC's, perform some sort of > freak-out routine > Else > While Not oRecordSet.EOF > ServerRec = New ServerColl() > oParent = > GetObject(GetObject(oRecordSet.Fields("ADsPath").Value).Parent) > ' Output the name of the server > ServerRec.ServerName = oParent.cn > ServerRec.LDAPPath = oParent.AdsPath > RetCol.Add(ServerRec) > oRecordSet.MoveNext() > End While > End If > oRecordSet.Close() > oRootDSE=Nothing > GetDomainDCs = RetCol > End Function > > ----- Original Message ----- > From: Coleman, Hunter > To: '[EMAIL PROTECTED]' > Sent: Thursday, August 07, 2003 12:09 PM > Subject: RE: [ActiveDir] LDAP & LastLogin for Computers > > > I'm getting the computer "lastlogin" attribute, which as I > understand it is > the most recent time that the workstation authenticated to a domain > controller. I believe the oldest this timestamp would be is > the last time > the machine started up. Also, lastlogin is not a replicated > attribute, so > you have to check either all of the domain controllers or at > a minimum all > of the domain controllers in the workstation's site in order to get an > accurate value. I'll send you a copy of the script separately. > > Hunter > > > > > From: Glenn Corbett [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 06, 2003 7:28 PM > To: [EMAIL PROTECTED] > Subject: Re: [ActiveDir] LDAP & LastLogin for Computers > > > Hunter, > > Are you actually querying the workstation, or just the user > accounts ? If > your finding out when a computer was last logged onto, I > would LOVE to have > a copy of the script as well (so I can kick our desktop > support guys in the > bum to clean up *MY* AD) *grin* > > Glenn > [EMAIL PROTECTED] > > > ----- Original Message ----- > From: Coleman, Hunter > To: '[EMAIL PROTECTED]' > Sent: Thursday, August 07, 2003 3:48 AM > Subject: RE: [ActiveDir] LDAP & LastLogin for Computers > > > I've sent you off-list a copy of a script we use to get this > information. > Hope it helps > > Hunter > > > > > From: England, Christopher M [mailto:[EMAIL PROTECTED] > Sent: Wednesday, August 06, 2003 8:22 AM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] LDAP & LastLogin for Computers > > > Greetings all, > I am trying to pull LDAP queries on computer accounts and I > want to find out > the last time someone logged into the machine. "WhenModified" > is just the > computer account object and "LastLogin" is just for user > accounts. Am I out > of luck? > What I have is this: 400 or so computer accounts in one OU (with many > sub-OUs) probably need to be 1) moved to a new OU or 2) > deleted. #1 happens > if they have logged in in say the last few months. #2 if not. > Any suggestions would be great! > Thanks, > Chris > --------------------------------------------------------- > Christopher England > Server Administrator > MCSA, Server+, Network+, A+ > College Information Technology Office > Indiana University > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
