If
knowing when the machine was last switched on is enough then you can check the
password age for the machine account - I think Windows 2000 changes it every 7
days; NT 4 is longer - so if you find a password age of greater than (say) 30
days you know the machine isn't being switched on.
If
machines get left on then they'll change their passwords so that won't work. One
possibility is to add something to the user login script which logs when a user
logged onto the machine.
A
really crude way would be to scan the profile folders looking at the time stamp
on ntuser.dat
Steve
�-----Original Message-----
From: England, Christopher M [mailto:[EMAIL PROTECTED]
Sent: 06 August 2003 15:22
To: [EMAIL PROTECTED]
Subject: [ActiveDir] LDAP & LastLogin for ComputersGreetings all,
I am trying to pull LDAP queries on computer accounts and I want to find out the last time someone logged into the machine. "WhenModified" is just the computer account object and "LastLogin" is just for user accounts. Am I out of luck?
What I have is this: 400 or so computer accounts in one OU (with many sub-OUs) probably need to be 1) moved to a new OU or 2) deleted. #1 happens if they have logged in in say the last few months. #2 if not.
Any suggestions would be great!
Thanks,
Chris---------------------------------------------------------
Christopher England
Server Administrator
MCSA, Server+, Network+, A+
College Information Technology Office
Indiana University
