Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Determine Last Date of Computer Logon in AD Domain
Determine Last Date of Computer Logon in AD Domain [message #161934] Fri, 09 October 2009 12:06 Go to next message
kalql8n  is currently offline kalql8n
Messages: 2
Registered: October 2009
Junior Member
Hello-
Using W2003 server and Win XP clients in AD domain, is there any way to
determine when a computer, not a user, last logged into the domain? I have
several inactive computer accounts in my AD that I would like to remove.

TIA
Scott Schaffer
IT Manager
Heschel Day School
Northridge, CA
Re: Determine Last Date of Computer Logon in AD Domain [message #161935 is a reply to message #161934] Fri, 09 October 2009 12:21 Go to previous messageGo to next message
Marcin  is currently offline Marcin  United States
Messages: 273
Registered: July 2009
Senior Member
check the value of lastLogon property of the computer object...

hth
Marcin

"kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
> Hello-
> Using W2003 server and Win XP clients in AD domain, is there any way to
> determine when a computer, not a user, last logged into the domain? I have
> several inactive computer accounts in my AD that I would like to remove.
>
> TIA
> Scott Schaffer
> IT Manager
> Heschel Day School
> Northridge, CA
Re: Determine Last Date of Computer Logon in AD Domain [message #161936 is a reply to message #161934] Fri, 09 October 2009 12:26 Go to previous messageGo to next message
Marcin  is currently offline Marcin  United States
Messages: 273
Registered: July 2009
Senior Member
Note that lastLogon attribute is not replicated - so you would have to check
its value on all DCs in the domain. Alternatively, you might consider using
lastLogonTimestamp attribute (which is replicated) - but keep in mind that
it's not updated at every logon (this depends on the value of
msDS-LogonTimeSyncInterval attribute)...

hth
Marcin

"kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
> Hello-
> Using W2003 server and Win XP clients in AD domain, is there any way to
> determine when a computer, not a user, last logged into the domain? I have
> several inactive computer accounts in my AD that I would like to remove.
>
> TIA
> Scott Schaffer
> IT Manager
> Heschel Day School
> Northridge, CA
Re: Determine Last Date of Computer Logon in AD Domain [message #161937 is a reply to message #161936] Fri, 09 October 2009 12:33 Go to previous messageGo to next message
kalql8n  is currently offline kalql8n
Messages: 2
Registered: October 2009
Junior Member
Marcin - Where to I find that value?

Thanks,
Scott

"Marcin" wrote:

> Note that lastLogon attribute is not replicated - so you would have to check
> its value on all DCs in the domain. Alternatively, you might consider using
> lastLogonTimestamp attribute (which is replicated) - but keep in mind that
> it's not updated at every logon (this depends on the value of
> msDS-LogonTimeSyncInterval attribute)...
>
> hth
> Marcin
>
> "kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
> news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
> > Hello-
> > Using W2003 server and Win XP clients in AD domain, is there any way to
> > determine when a computer, not a user, last logged into the domain? I have
> > several inactive computer accounts in my AD that I would like to remove.
> >
> > TIA
> > Scott Schaffer
> > IT Manager
> > Heschel Day School
> > Northridge, CA
>
>
>
Re: Determine Last Date of Computer Logon in AD Domain [message #161939 is a reply to message #161934] Fri, 09 October 2009 14:02 Go to previous messageGo to next message
rlmueller-nospam  is currently offline rlmueller-nospam  United States
Messages: 292
Registered: July 2009
Senior Member
"kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
> Hello-
> Using W2003 server and Win XP clients in AD domain, is there any way to
> determine when a computer, not a user, last logged into the domain? I have
> several inactive computer accounts in my AD that I would like to remove.
>
> TIA
> Scott Schaffer
> IT Manager
> Heschel Day School
> Northridge, CA

The best tool for finding and dealing with old computer accounts is Joe
Richards free oldcmp. See this link:

http://www.joeware.net/freetools/tools/oldcmp/index.htm

Otherwise, I have two example VBScript programs that find the last logon
dates for all users in the domain linked here:

http://www.rlmueller.net/Last%20Logon.htm

The first program on the page uses the lastLogon attribute, which is not
replicated, so the script queries every DC in the domain. The second program
uses lastLogonTimeStamp so it uses one query. In both cases, the program can
be easily modified to document last logon dates for all computers. In both
cases change this statement:

strFilter = "(&(objectCategory=person)(objectClass=user))"

to this:

strFilter = "(objectCategory=computer)"

--
Richard Mueller
MVP Directory Services
Hilltop Lab - http://www.rlmueller.net
--
Re: Determine Last Date of Computer Logon in AD Domain [message #162056 is a reply to message #161936] Wed, 14 October 2009 13:28 Go to previous messageGo to next message
SubstituteThisWithMyF  is currently offline SubstituteThisWithMyF  Netherlands
Messages: 85
Registered: October 2009
Member
lastLogon is not replicated, but lastLogonTimeStamp DOES replicate

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------ ------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------ ------------------------------
#################################################
#################################################
------------------------------------------------------------ ------------------------------

"Marcin" <marcin@community.nospam> wrote in message
news:ecCg93QSKHA.4704@TK2MSFTNGP02.phx.gbl...
> Note that lastLogon attribute is not replicated - so you would have to
> check its value on all DCs in the domain. Alternatively, you might
> consider using lastLogonTimestamp attribute (which is replicated) - but
> keep in mind that it's not updated at every logon (this depends on the
> value of msDS-LogonTimeSyncInterval attribute)...
>
> hth
> Marcin
>
> "kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
> news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
>> Hello-
>> Using W2003 server and Win XP clients in AD domain, is there any way to
>> determine when a computer, not a user, last logged into the domain? I
>> have
>> several inactive computer accounts in my AD that I would like to remove.
>>
>> TIA
>> Scott Schaffer
>> IT Manager
>> Heschel Day School
>> Northridge, CA
>
>
>
> __________ Information from ESET Smart Security, version of virus
> signature database 4507 (20091014) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>

__________ Information from ESET Smart Security, version of virus signature database 4507 (20091014) __________

The message was checked by ESET Smart Security.

http://www.eset.com
Re: Determine Last Date of Computer Logon in AD Domain [message #162057 is a reply to message #161934] Wed, 14 October 2009 13:29 Go to previous messageGo to next message
SubstituteThisWithMyF  is currently offline SubstituteThisWithMyF  Netherlands
Messages: 85
Registered: October 2009
Member
check lastLogonTimestamp or lastPwdSet

use OLDCMP
http://www.joeware.net/freetools/tools/oldcmp/index.htm

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------ ------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------ ------------------------------
#################################################
#################################################
------------------------------------------------------------ ------------------------------

"kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
> Hello-
> Using W2003 server and Win XP clients in AD domain, is there any way to
> determine when a computer, not a user, last logged into the domain? I have
> several inactive computer accounts in my AD that I would like to remove.
>
> TIA
> Scott Schaffer
> IT Manager
> Heschel Day School
> Northridge, CA
>
> __________ Information from ESET Smart Security, version of virus
> signature database 4507 (20091014) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>

__________ Information from ESET Smart Security, version of virus signature database 4507 (20091014) __________

The message was checked by ESET Smart Security.

http://www.eset.com
Re: Determine Last Date of Computer Logon in AD Domain [message #292601 is a reply to message #161939] Wed, 21 October 2009 00:02 Go to previous message
NTex  is currently offline NTex
Messages: 1
Registered: October 2009
Junior Member
Genius and so simple :) why didn't why on that my self going to try this in
a few hours.

BTW you don't mind if this works, that I modify this script a little so I
can dump to SQL table instead ?

Thanks

"Richard Mueller [MVP]" wrote:

>
> "kalql8n" <kalql8n@discussions.microsoft.com> wrote in message
> news:BA340081-F462-4827-9AEA-478F4334A2B1@microsoft.com...
> > Hello-
> > Using W2003 server and Win XP clients in AD domain, is there any way to
> > determine when a computer, not a user, last logged into the domain? I have
> > several inactive computer accounts in my AD that I would like to remove.
> >
> > TIA
> > Scott Schaffer
> > IT Manager
> > Heschel Day School
> > Northridge, CA
>
> The best tool for finding and dealing with old computer accounts is Joe
> Richards free oldcmp. See this link:
>
> http://www.joeware.net/freetools/tools/oldcmp/index.htm
>
> Otherwise, I have two example VBScript programs that find the last logon
> dates for all users in the domain linked here:
>
> http://www.rlmueller.net/Last%20Logon.htm
>
> The first program on the page uses the lastLogon attribute, which is not
> replicated, so the script queries every DC in the domain. The second program
> uses lastLogonTimeStamp so it uses one query. In both cases, the program can
> be easily modified to document last logon dates for all computers. In both
> cases change this statement:
>
> strFilter = "(&(objectCategory=person)(objectClass=user))"
>
> to this:
>
> strFilter = "(objectCategory=computer)"
>
> --
> Richard Mueller
> MVP Directory Services
> Hilltop Lab - http://www.rlmueller.net
> --
>
>
>
Previous Topic:Restart Server after site link configurations?
Next Topic:syatem state restoring error
Goto Forum:
  


Current Time: Fri Jan 19 00:43:41 MST 2018

Total time taken to generate the page: 0.03114 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software