Mike Brannigan [MSFT] wrote:
Moty,
Technically you can't.
This is because you are not logging into the Server and holding a
session
live like various legacy systems that have the concept of a terminal
session on that machine.
You are actually being authenticated by the directory service, and
actually your logon authentication is can be done by any DC in the
Domain.
We do log on the DC the lastLoginTimestamp for a user account and on a
native mode Server 2003 domain this attribute is replicated to all DCs
in
the domain.
As far as I know, this attribute is only replicated once a week, so it
is not very useful in this type of cases I think (unless you are able
to reduce the replication time interval a lot).
--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx