Active Directory: Find out unused computers using LDAP query
-
Monday, December 12, 2011 2:05 PM
Hi
Is there a way to find out which computers are not in use for a certain period ?
I can't run dsquery because I'm running on Linux platform.
I know about the following attributes :
-
lastLogon - not replicated between DCs in the domain
-
lastLoginTimestamp - replicated between DCs in the domain
1) Will any change in these attributes update the usnChange attribute of the object ?
2) What will happen if a user logs-in and doesn't log-off for a very long period ?
Using the above attributes might get me into a conclusion that the computer is not in use, even though the user is still logged-on.Thanks for the help !
-
All Replies
-
Monday, December 12, 2011 4:56 PMModerator
Hi Oren,This question has been raised previously in Directory Services forums. The following resources provide the answers to your specific questions.
Active Directory LastLogonTimeStamp is Way Off
http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/613171cb-5e7d-44f5-a7b8-925aa12b91cb“The LastLogonTimeStamp Attribute” – “What it was designed for and how it works”
http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspxPolling for Changes Using USNChanged
http://msdn.microsoft.com/en-us/library/ms677627.aspxNote that this forum handles requests related to Open Specifications documentation issues.
The Open Specifications can be found at: http://msdn2.microsoft.com/en-us/library/cc203350.aspx.Hope this helps.
Thanks,
Edgar -
Thursday, December 15, 2011 5:27 PM
Hi
Thanks for your help !
From some reason I can't find a way to post my question in the "Directory Services" forum.
Can you please send me a link to this forum because the links that you wrote me still don't answer all my questions :
- When the AD updates the lastLogonTimestamp attribute (after 9-14 days), does it also update the usnChanged attribute ? Otherwise, I won't be able to track this change.
- What actions update the lastLogonTimestamp attribute of a user ?
first login after reboot ?
when typing password and login after keyboard was locked ? etc.
- What actions update the lastLogonTimestamp attribute of a computer ?
reboot ?
when user logs-in ? etc.
Best Regards and thanks a lot !
Oren
-
Thursday, December 15, 2011 8:57 PMModerator
Oren,
The forum link is:
http://social.technet.microsoft.com/Forums/en-US/winserverDS/threads
Hope this helps.
Regards,
Edgar
- Marked As Answer by Edgar A OlougounaMicrosoft Employee, Moderator Thursday, December 15, 2011 8:57 PM
