n/p
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, October 30, 2006 5:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] list lastlogontime for every user script Thanks for the
insight. BTW, DHTML won’t be missed… J :m:dsm:cci:mvp |
marcusoh.blogspot.com From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe Every
time an auth occurs that updates the lastLogon (not logonTime like I miswrote
last time) attribute a calculation is done based on the update frequency
value. This frequency can be modified by updating the msDS-LogonTimeSyncInterval
attribute on the domain NC head (for AD). If the update frequency
is greater than the swing value (5 days) then the update frequency value is
modified by subtracting a random number in the range of 0-5. That resulting
value (by default 9-14 days) is then compared to the length of time it has been
since the last update. If the time has exceeded that value, the stamp is
updated. The minimum frequency value for AD is 1 day, the max is in the hundreds
of years so not something you will likely notice a problem with. ADAM allows you
to specify 0 through the ADAMLastLogonTimestampWindow entry of the
msDS-Other-Settings attribute of the nTDSService object for the instance which
means update the attribute for every logon. This isn't an issue with ADAM as it
is with AD since with AD your machine can be doing auths on your behalf all
through the day and causing a lot of replication. ADAM auth is all very directed
and specific.
joe -- O'Reilly
Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of [EMAIL PROTECTED] by the short
description in msdn, if sounds as if there’s a comparison done when the user
logs on. If it’s been at least a week since the value was updated, it’s
subject to being updated again? At that point, the random
calculation? :m:dsm:cci:mvp |
marcusoh.blogspot.com From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe It
isn't, it is randomly calculated every time logonTime is updated.
-- O'Reilly
Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of [EMAIL PROTECTED] How
is this 9-14 day value tracked for each user object, by the
way? From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of joe oldcmp Keep in
mind that by default, lastLogonTimeStamp is not updated every day, it will be
updated about every 9-14 days (14 days with a random swing of minus 0-5
days). You can
output to csv or html, whatever is more convenient for you.
Alternately
if you just want to query the value directly, you can use adfind to
generate the output. However,
oldcmp tends to be easier for most folks.
joe -- O'Reilly
Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Ramon Linan Hi, I am
trying to do an script or something that will list lastlogontime for all users
so I can receive an email when someone has not use the account for more than 30
days. I have
seen a couple of examples of half built scripts that don't work, I get lost when
they start dealing with the converting the number to a
date... Does
anyone has a script will do some similar? does Joe ware has something
similar? Thanks Ramon |
- RE: [ActiveDir] Exchange Log files --Disk Full-- Aaron Steele
- RE: [ActiveDir] Exchange Log files --Disk Full-- Missy Koslosky
- RE: [ActiveDir] Exchange Log files --Disk Ful... Technical Support
- [ActiveDir] list lastlogontime for every ... Ramon Linan
- RE: [ActiveDir] list lastlogontime fo... joe
- RE: [ActiveDir] list lastlogontim... Marcus.Oh
- RE: [ActiveDir] list lastlog... joe
- RE: [ActiveDir] list las... Marcus.Oh
- RE: [ActiveDir] list las... joe
- RE: [ActiveDir] list las... Marcus.Oh
- RE: [ActiveDir] list las... joe
- RE: [ActiveDir] list las... Ramon Linan
- RE: [ActiveDir] list las... Almeida Pinto, Jorge de
- Re: [ActiveDir] list las... Al Mulnick
- RE: [ActiveDir] list las... joe
- RE: [ActiveDir] list las... Akomolafe, Deji
- RE: [ActiveDir] list las... joe
- Re: [ActiveDir] list las... Al Mulnick
- [ActiveDir] lastlogontim... Ramon Linan
- RE: [ActiveDir] Exchange Log files --Disk... Wells, James Arthur
- Re: [ActiveDir] Exchange Log files --... Albert Duro