Last Logon Time
Windows 2003 Domain Functional Level adds a neat replicated attribute to the schema. No longer do you need to query domain controllers individually and them compare the users last logon time. Use the following script to query the last logon time of all of your users.
On Error Resume Next
Const ADS_SCOPE_SUBTREE = 2
strFilter= "ObjectCategory='user'" strOrder = "ORDER BY NAME" strNamingContext = "defaultNamingContext"
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand = CreateObject("ADODB.Command")
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 10000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
'[Functions] ****************************************
Function removeCN(inputString) Dim textValue textValue = inputString Dim textLength textLength = Len(textValue) textValue = Right(textValue, textLength-3)
removeCN = textValue End Function
'****************************************************
Set objAdRootDSE = GetObject("LDAP://RootDSE")
objNamingContext = objAdRootDSE.Get(strNamingContext)
objCommand.CommandText = "SELECT * FROM 'LDAP://" & objNamingContext &_ "' WHERE " & strFilter & strOrder Set objRS = objCommand.Execute
objRS.MoveFirst
Do until objRS.eof
Set objUser = GetObject(objRS.Fields.Item(0))
Set objLastLogon = objUser.Get("lastLogonTimestamp")
If Err.Number < 0 Then
WScript.Echo removeCN(objUser.Name) & "," & objUser.userPrincipalName & "," & "Property not set."
Else
intLastLogonTime = objLastLogon.HighPart * (2^32) + objLastLogon.LowPart
intLastLogonTime = intLastLogonTime / (60 * 10000000)
intLastLogonTime = intLastLogonTime / 1440
WScript.Echo removeCN(objUser.Name) & "," & objUser.userPrincipalName & "," & intLastLogonTime + #1/1/1601#
End if
Set objUser = Nothing Set objLastLogon = Nothing Set err = Nothing counter = counter + 1 objRS.MoveNext Loop
Powered by WordPress with [GimpStyle]
Entries and comments feeds.