Printable View
Hello, I’m running a Server where I need to search for the last “lastlogon”. I have two questions regarding the same. First how can I find and delete old user accounts? And second if possible how can I create a saved querie in ADUC?
Thanks for your helps.
Whenever you post a question make sure to provide as much details as you can provide. For example, I don’t know what server you are using. Anyways, you can use the new lastLogonTimeStamp attribute in case you are using Windows 2003 functional level domain. Or you can go with LastLogon itself. Though, this attribute is not replicated. A different value for each user is kept on each domain controller. Also, it is Integer8 (a 64-bit number).
I’m really sorry for insufficient information. Yes, I’m running a domain at Windows 2003 functional level and yes I wanted to use the lastLogonTimeStamp attribute. But here I want to know if there is any way I can disable the script and or simply delete accounts. Note, I only want to delete the accounts who have not logged in since past 90 days.
Is it possible to create a query in ADUC that searches for the lastLogonTimeStamp attribute? Many thanks
Yes, you can query in ADUC based on lastLogonTimeStamp, but since the value is Integer8, you will need code to determine the value corresponding to 90 days in the past. In ADUC, Filter Options, Create custom filter, Customize..., on the Advanced tab enter an LDAP query such as:
(&(objectCategory=person)(objectClass=user)(lastLogonTimeStamp<=127204344000
000000))
The value I used above corresponds to 2/5/2004. The trick is finding the
value you want. The link below is a VBScript program to convert a date to
the Integer8 (64-bit) value you need: