Real Last Logon Report

It is important for the Active Directory Adminstrators to find the inactive users and computers periodically and make necessary actions such as disable, delete the inactive users to avoid the security threatens.

Inactive users are found out by querying their lastlogon attribute values. Whenever the user authenticated by a Domain controller, the lastlogon attribute is updated with the authenticated time. The lastlogon attribute is not a replicated between the Domain controllers to reduce the replication traffic. So, querying inactive users by the lastlogon attribute on a particular Domain controler will lead into incorrect results.

To exactly track all the inactive users and computers, lastlogon attribute needs to be queried in all the domain controllers and the most recent date & time value needs to be taken. So this report is called as Real last logon report.

ASN Active Directory Manager queries the given domain controllers to generate the inactive users and computers report (Users not logged on in last few days). And the report table shows the resolved most recent logon as well as the lastlogon attribute values in all the given domain controllers. Administrators can easily view the inactive users reports and their last authenticated time on all the given domain controllers. This helps the Administrators to take any actions such as disable, delete, move on the inactive users and computers.

ASN Active Directory Manager requires two inputs to generate the inactive users and computers reports. The inputs are,

  • Number of days - Users/Computers being inactive for last mentioned days.
  • Specify Domain Controllers - The specified domain controllers are queried with the lastlogon attribute for the all the users in the given container scope.

Please refer the below image to know about specifying inputs to generate the real inactive users report, Last logon report - inputs

All the domain controllers are listed under the domain controller options section. The domain controllers that are currently not accessible are disbled and are not included in the query. Tick the domain controllers that are needs to queried, all the connected domain controllers are ticked by default. At least one domain controller must be ticked to generate the report.

Please refer the below image for the sample inactive users report, Last logon report - table with give domain controllers

In the report table, it can be noticed that the last two columns are the selected domain controllers. Last logged on column shows the resolved last logon value.

go to top