Skip navigation
Menu
Compute Engines>Windows Server

JSI Tip 7801. Using the lastLogonTimestamp attribute in Windows Server 2003.

The lastLogonTimestamp attribute is replicated across all the domain controllers in a Windows Server 2003 domain functionality level domain. It is updated for Kerberos and NTLM interactive logons.

Windows Server 2003 does NOT update the lastLogonTimestamp attribute when you perform:

Certificate mapping through Microsoft Internet Information Services (IIS).

Username and password authentication through IIS.

Microsoft .NET Passport mapping through IIS.

All Service-for-User (S4U) authentication paths.

NOTE: The DSQUERY USER DOMAINROOT -inactive weeks command uses the lastLogonTimestamp attribute.



Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
square buttons on blue backgrounds
How To Copy a Hyper-V Virtual Machine to a New Location
Mar 08, 2024
glowing gears in a digital network
10 Most Popular PowerShell Tips and Tricks in 2023
Dec 26, 2023
PowerShell screenshot
Tracking Windows Group Policy Changes With PowerShell
Aug 22, 2023
an example of the PowerShell interface
10 Popular PowerShell Tips and Tricks in 2023
Jul 25, 2023