Focus on Microsoft
RE: Expire accounts from Active Directory after a period of inactivity Mar 25 2003 09:34PM
Laura A. Robinson (larobins bellatlantic net)
Sure thing!

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/ad/user_object_properties.asp
or
http://tinyurl.com/85a7

Windows Server 2003, when domain and forest functional levels are at Windows
Server 2003 FL, a new attribute, last-logon-timestamp, becomes available:

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/adschema/ad/win2k3only_a_lastlogontimestamp.asp
or
http://tinyurl.com/85ad

Since you're probably not the only one to have this question (is there
documentation of what I said below), I'll snip your e-mail to me and cc the
list on this, cool?

Laura

My original statements:

One thing to be conscious of: in Windows 2000, last logon time/date is not
replicated through AD. It is stored locally on the authenticating DC.
Therefore, you could not simply query AD for this information; you would
have to query each DC. In Windows Server 2003, once you've raised your
domains and forest functional levels to Windows Server 2003 (no downlevel
DCs), the ability to retrieve logon time/date from AD exists and the
information replicates. In fact, there is a pre-defined query in ADU&C in
Windows Server 2003 for just this purpose.

Laura
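The two approaches Laura describes, as an added example that is not part of the original post: querying lastLogon on every DC and keeping the newest value (the only option when the attribute does not replicate), and querying the replicated lastLogonTimestamp once (Windows Server 2003 functional level). The script assumes the RSAT ActiveDirectory PowerShell module (a later tool than the ones discussed in the thread) and read access to user attributes on each DC; the 90-day threshold is a constructed value.

```powershell
# Added example, not from the original post. Assumes the ActiveDirectory
# module is available and the caller can read user attributes on every DC.
Import-Module ActiveDirectory

# Accounts with no logon in this many days are reported as stale (constructed value).
$StaleDays = 90
$Cutoff = (Get-Date).ToUniversalTime().AddDays(-$StaleDays)

# Converts a FILETIME attribute (100-ns ticks since 1601 UTC) to a DateTime.
# 0 or $null means the account never logged on against the queried DC.
function ConvertFrom-FileTimeAttribute {
    param($Value)
    if ($Value) { [DateTime]::FromFileTimeUtc([long]$Value) } else { [DateTime]::MinValue }
}

# Approach 1: lastLogon is NOT replicated, so ask every DC and keep, per
# account, the most recent value any DC has seen.
function Get-LastLogonFromAllDCs {
    $dcs = Get-ADDomainController -Filter * | Select-Object -ExpandProperty HostName
    $latest = @{}   # SamAccountName -> most recent lastLogon across all DCs

    foreach ($dc in $dcs) {
        try {
            $users = Get-ADUser -Server $dc -Filter 'Enabled -eq $true' -Properties lastLogon
        } catch {
            # An unreachable DC means its local lastLogon values are missing
            # from the result, so the report must say so rather than silently
            # treating those accounts as stale.
            Write-Warning "Could not query $dc ($_); results are incomplete."
            continue
        }
        foreach ($u in $users) {
            $t = ConvertFrom-FileTimeAttribute $u.lastLogon
            if (-not $latest.ContainsKey($u.SamAccountName) -or $t -gt $latest[$u.SamAccountName]) {
                $latest[$u.SamAccountName] = $t
            }
        }
    }
    return $latest
}

# Approach 2: at Windows Server 2003 functional level, lastLogonTimestamp
# replicates, so a single query against any DC is enough. Caveat: the
# attribute is only rewritten when the stored value is older than
# msDS-LogonTimeSyncInterval (14 days by default), so it can lag the real
# last logon by up to that interval; it is a stale-account finder, not an
# audit trail.
function Get-StaleFromLastLogonTimestamp {
    Get-ADUser -Filter 'Enabled -eq $true' -Properties lastLogonTimestamp |
        ForEach-Object {
            [PSCustomObject]@{
                SamAccountName     = $_.SamAccountName
                LastLogonTimestamp = ConvertFrom-FileTimeAttribute $_.lastLogonTimestamp
            }
        } |
        Where-Object { $_.LastLogonTimestamp -lt $Cutoff }
}

# Report stale accounts using the per-DC method (works at any functional level).
$stale = Get-LastLogonFromAllDCs |
    ForEach-Object { $_.GetEnumerator() } |
    Where-Object { $_.Value -lt $Cutoff } |
    Sort-Object Value

$stale | ForEach-Object {
    $seen = if ($_.Value -eq [DateTime]::MinValue) { 'never' } else { $_.Value.ToString('u') }
    "{0,-30} last logon: {1}" -f $_.Key, $seen
}

# Review the list before acting on it; with -WhatIf nothing is changed:
# $stale | ForEach-Object { Disable-ADAccount -Identity $_.Key -WhatIf }
```

Accounts that show as "never" may be newly created rather than abandoned, so compare against whenCreated before treating them as inactive; and because each DC holds its own lastLogon, a single unreachable DC leaves the first method incomplete, which is exactly why the replicated attribute was added.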
