Err I feel silly. Yes of course if you are in DFL2 you could use oldcmp to generate a user lastlogontimestamp based report. If not though, it will key off of pwdLastSet which is an entirely different creature.
joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Wednesday, June 15, 2005 8:17 AM To: [email protected] Subject: RE: [ActiveDir] Last Logon attempts Or use OLDCMP (also from Joe) which can generate a nice HTML report -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Wednesday, June 15, 2005 02:29 To: [email protected] Subject: RE: [ActiveDir] Last Logon attempts Tony pointed you to a lesson on fishing. Once you understand how to get the info for one user, you can expand it to get all. I haven't looked at that article closely but hopefully it talks about some of the shortcomings. Short and sweet there is no guaranteed mechanism to perfectly get last logon report for users. There are multiple mechanisms to try and get the data but nothing is completely full proof, some logons don't get get tracked (such as LDAP Simple Binds) and some mechanisms require you to query every single DC for every single user and some mechanisms can be as much as a week out of date for the last logon. The easiest mechanism is the lastLogonTimeStamp mechanism available in Windows Server 2003. It is 7 days out of date at worst by default because it doesn't track every logon for every user, only specific logons and of those it only updates the values every 7 days (again by default). It is though, by far the easiest mechanism and only requires querying one DC per domain. You can get the output like this (all one line) adfind -b dc=domain,dc=com -tdc -f "&(objectcategory=person)(lastlogontimestamp=*)" lastlogontimestamp Any other mechanism will require querying every DC in a domain and collecting info for every user OR doing something with logon scripts. They will all have their issues and again, none of the mechanisms are foolproof so keep that in mind. The mechanisms behind logon/authentication is a bit different in the Windows world than it is in some of the other Oses. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Tuesday, June 14, 2005 8:09 PM To: [email protected] Subject: Re: [ActiveDir] Last Logon attempts Hi Tony, What i need is a consolidated report for all users, not a single user. If there is a third party solution then let it be. -- DR On 6/15/05, Tony Murray <[EMAIL PROTECTED]> wrote: > Hi Ravi > > There's a good explanation and script (using lastLogonTimeStamp) shown here: > > http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon > .mspx > > Tony > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra > Sent: Wednesday, 15 June 2005 11:39 a.m. > To: [email protected] > Subject: [ActiveDir] Last Logon attempts > > Hi, > > Can we have a last logon consolidated report for all my users. I need > collective information about last logons of all my users. > > Can anyone suggest any easy way. > -- > DR > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > ###################################################################### > ###### This e-mail message has been scanned for Viruses and Content > and cleared by NetIQ MailMarshal at Gen-i Limited > ###################################################################### > ###### > > ###################################################################### > ####### This communication, including any attachments, is > confidential. > If you are not the intended recipient, you should not read it - please > contact me immediately, destroy it, and do not copy or use any part of > this communication or disclose anything about it. > Thank You. > > Please note that this communication does not designate an information > system for the purposes of the NZ Electronic Transactions Act 2002. > > This email was scanned and cleared by NetIQ MailMarshal at Gen-i Limited. > ############################################################################ # > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
