Question: Pulling the LDAP lastLogon time from multiple domain controllers one user at a time.
I need to pull the lastLogon time for specific users (preferably one at a time) using a script that queries LDAP for my organization. I am able to do this for one domain controller, but as you know, the lastLogon attribute is not replicated to the other DCs. What I need is a script that will pull the lastLogon entry from all of the domain controllers, compare them, and return the most recent date and time.
Any help would be much appreciated. Thanks.
Answer: Pulling the LDAP lastLogon time from multiple domain controllers one user at a time.
Correct, you would need to query LDAP:/// to retrieve the value of a DC-specific attribute. The following VBScript will enumerate all DCs in a specified domain: http://techtasks.com/code/viewbookcode/1447
(I love the AD Cookbook, and not just because I wrote the 2nd Edition. :-))
When you start querying lastLogon, you'll want to test what sort of value gets returned if a user has never authenticated against a DC in your list at all - I can't remember if the default value for lastLogon is "0" or just , the latter of which will likely require some error-handling in your script.
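The per-DC query and comparison described in this thread, as an added example that is not part of the original answer and is written in PowerShell rather than the VBScript the answer links to. It assumes the ActiveDirectory module (RSAT) is installed; the function name `Get-LatestLastLogon` and the account `jdoe` are hypothetical, and a missing or zero lastLogon is treated as "never logged on against this DC".

```powershell
# Added example: requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Get-LatestLastLogon {          # hypothetical function name
    param(
        [Parameter(Mandatory)] [string] $SamAccountName
    )

    $results = foreach ($dc in Get-ADDomainController -Filter *) {
        $when = $null
        $err  = $null
        try {
            # lastLogon is not replicated, so each DC is asked for its own copy.
            $user = Get-ADUser -Identity $SamAccountName -Server $dc.HostName `
                        -Properties lastLogon -ErrorAction Stop
            # Assumption: a DC the user never authenticated against returns
            # either 0 or no value at all; both are treated as "no logon here".
            if ($null -ne $user.lastLogon -and [int64]$user.lastLogon -gt 0) {
                $when = [DateTime]::FromFileTimeUtc([int64]$user.lastLogon)
            }
        }
        catch {
            # Unreachable DC or failed lookup: record it rather than skip it,
            # because the newest logon may live on the DC that did not answer.
            $err = $_.Exception.Message
        }
        [pscustomobject]@{
            DomainController = $dc.HostName
            LastLogonUtc     = $when
            Error            = $err
        }
    }

    # Keep only DCs that returned a real timestamp, newest first.
    $latest = $results | Where-Object { $null -ne $_.LastLogonUtc } |
              Sort-Object LastLogonUtc -Descending | Select-Object -First 1

    [pscustomobject]@{
        User             = $SamAccountName
        LastLogonUtc     = $latest.LastLogonUtc        # $null if no DC has a logon
        DomainController = $latest.DomainController
        FailedDCs        = @($results | Where-Object { $_.Error } |
                             ForEach-Object { $_.DomainController })
        PerDC            = $results
    }
}

Get-LatestLastLogon -SamAccountName 'jdoe'   # 'jdoe' is a constructed sample account
```

If `FailedDCs` is not empty, the returned time is only a lower bound, which matters when the result feeds a stale-account review.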