LDAP help needed

Clayton Sutton

We are running a Windows 2003 domain and Exchange 2003. I am trying to
create a "Saved Query" in AD Users and Computers. I have the following LDAP
query that will tell me all users that have NEVER logged in before. Can
someone show me how to modify the query to return all users that have not
logged in in the last 20 days?

(&(objectCategory=person)(objectClass=user)(|(lastLogon=0)(!(lastLogon=*))))


TIA,


Clayton
 
Mark Arnold [MVP]

Laura Hunter says:

You'll want to query on lastLogonTimestamp, not lastLogon, since
lastLogon isn't replicated between domain controllers - otherwise
you'll need to query each DC individually. lastLogonTimestamp is a
replicated attribute that requires DFL2 in whatever domain you're
running the query for, but can be off by as much as 14 days - see
http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon.mspx.

Basically you'll need to use the following query:

(&(objectCategory=person)(objectClass=user)(lastLogonTimestamp<=127204308000000000))

lastLogonTimestamp is stored in a long integer format; download
datetointeger8.zip from Dan Petri's site to produce the actual format
you want: http://www.petri.co.il/software/datetointeger8.zip.
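
Added example, not part of the original thread: a Python sketch that computes the Integer8 cutoff for the filter above without a separate tool, and decodes a stored value back to a date. The function names, the `slack_days` option (for the up-to-14-day lag mentioned in the reply) and the `include_never` option (accounts with no lastLogonTimestamp at all) are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Integer8 / FILETIME: count of 100-nanosecond ticks since 1601-01-01 00:00 UTC.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
TICKS_PER_SECOND = 10_000_000


def datetime_to_filetime(dt):
    """Convert a timezone-aware datetime to the Integer8 value AD stores."""
    delta = dt.astimezone(timezone.utc) - FILETIME_EPOCH
    seconds = delta.days * 86400 + delta.seconds
    return seconds * TICKS_PER_SECOND + delta.microseconds * 10


def filetime_to_datetime(ticks):
    """Convert an Integer8 value back to a UTC datetime (integer math only)."""
    return FILETIME_EPOCH + timedelta(microseconds=ticks // 10)


def stale_user_filter(days, now=None, slack_days=0, include_never=False):
    """Build an LDAP filter for users whose lastLogonTimestamp is older
    than `days` days.

    slack_days    -- pushes the cutoff further back; the stored value can
                     trail the real last logon, so a plain cutoff may list
                     users who logged on more recently than it suggests.
    include_never -- a <= test does not match a missing attribute, so
                     never-logged-on accounts need an explicit clause.
    """
    if days < 0 or slack_days < 0:
        raise ValueError("days and slack_days must be non-negative")
    now = now or datetime.now(timezone.utc)
    cutoff = datetime_to_filetime(now - timedelta(days=days + slack_days))
    clause = f"(lastLogonTimestamp<={cutoff})"
    if include_never:
        clause = f"(|{clause}(!(lastLogonTimestamp=*)))"
    return f"(&(objectCategory=person)(objectClass=user){clause})"


if __name__ == "__main__":
    # Decode the sample value used in the reply's query.
    print(filetime_to_datetime(127204308000000000))
    # Paste either line into the Saved Query "Custom Search" box.
    print(stale_user_filter(20))
    print(stale_user_filter(20, slack_days=14, include_never=True))
```
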
 