Hi Amy,
AdFind won't read a list of users from your spreadsheet. It
accepts a given query and then outputs the results from it. The query you have
below says return all objects which have an objectclass of user which matches
users, computers, and trusts. If you want info for a specific user, specify
something unique that AdFind can zero in on for the user OR specify the DN of
the user object for the -b switch (base DN). So for instance, say you had the
same accountname attribute for each user your filter would be
"samaccountname=xxx" where xxx would be the samAccountName of whichever user you
were looking up.
To do multiple users out of a file, you would need to use
some sort of script to loop through the file. Preferably, you generated that
list based on some attribute in AD (say like employeetype or something) and then
you just use that for the query.
As for the values that got output... You probably want the
-tdcs switch which will convert the int8 (64 bit integer) values into human
readable times.
Oh, lastLogon is not replicated, it is only good on the DC
that you are querying. LastLogonTimestamp is replicated but isn't updated for
every authentication.
If you want the info in CSV format, which is likely when
you have many objects you want info for, add -csv to the adfind
switches.
So if you had a list of samaccountnames in a text file
called user.txt and you wanted that info, a basic perl script to get it would be
something like...
# perl script start
my $base="-b dc=hantspol,dc=gov,dc=uk"; # use -default if
you have a single domain
my $attrlist="lastLogonTimeStamp"; # space delimited list of attributes for output
my $cnt=0;
foreach my $this (<>)
{
chomp $this;
my $filter="\"samaccountname=$this\"";
my $cmd="adfind $base -f $filter $attrlist -tdcs -csv \"\"";
if ($cnt) {$cmd.=" -nocsvheader"};
print`$cmd`;
$cnt++;
}
my $attrlist="lastLogonTimeStamp"; # space delimited list of attributes for output
my $cnt=0;
foreach my $this (<>)
{
chomp $this;
my $filter="\"samaccountname=$this\"";
my $cmd="adfind $base -f $filter $attrlist -tdcs -csv \"\"";
if ($cnt) {$cmd.=" -nocsvheader"};
print`$cmd`;
$cnt++;
}
# perl script end
The
run of that would look something like
G:\Temp>test.pl
user.txt
"dn","lastLogonTimeStamp"
"CN=joe,OU=Users,OU=My,DC=test,DC=loc",""
"CN=$joe,OU=Users,OU=My,DC=test,DC=loc","2006/06/11-08:20:27 Eastern Standard Time"
"CN=Administrator,CN=Users,DC=test,DC=loc","2006/06/11-10:33:25 Eastern Standard Time"
"dn","lastLogonTimeStamp"
"CN=joe,OU=Users,OU=My,DC=test,DC=loc",""
"CN=$joe,OU=Users,OU=My,DC=test,DC=loc","2006/06/11-08:20:27 Eastern Standard Time"
"CN=Administrator,CN=Users,DC=test,DC=loc","2006/06/11-10:33:25 Eastern Standard Time"
This
could easily be changed into something that takes params or what not... It is
just something to get you going... I wrap AdFind into perl scripts very
regularly.
Perl
can actually read an excel file and output to an excel file but it isn't
something I am aware of how to do right off the top of my head.
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Amy Hunter
Sent: Wednesday, November 08, 2006 8:22 AM
To: [email protected]
Subject: [ActiveDir] Exporting LastLogon attribute
Hey all!
I have a spreadsheet of temp users who I would like to find out when they
last logged onto the domain. Domain is W2kR2
I've read about using ADFIND to query AD, I typed the following
command
adfind -b dc=hantspol,dc=gov,dc=uk -f "objectclass=user" user lastlogon
lastlogontimestamp
The problem I found was that it gave me every users information + I didn't
understand the format that the attribute returned.
is there any kind sole who could help me? or show me a tool which can help
me...
>lastLogon: 128067753345482744
>lastLogonTimestamp: 128066652382719329
>lastLogonTimestamp: 128066652382719329
What do they mean?
thanks
Amy Hunter
Yahoo! Photos – NEW, now offering a quality print service from just 8p a photo.
