Lastlogontimestamp in Active Directory

15 pts.
Tags:
Active Directory
Active Directory Users
User Login Data
If I query a users I find that the users password is expired meaning it must change at next logon. The weird this is that the account has been logon to after the password expired. the account does not have password set to not expire, and this also has not been modified.

PasswordLastSet 09 November 2009

PasswordAge 105.06:00:32.8198742

PasswordExpires [strong]08 January 2010[/strong]

LastLogonTimestamp [strong]15 February 2010[/strong]

AccountIsDisabled False

AccountIsLockedOut False

PasswordNeverExpires [strong]False[/strong]

UserMustChangePassword  False

 

 



Software/Hardware used:
Active Directory

Answer Wiki

Thanks. We'll let you know when a new response is added.

Interestingly I have seen a few examples of this recently.

LastLogonTimestamp is an attribute that is replicated between domain controllers, however it is only updated every 10 to 14 days by default

Have you checked individual domain controllers to see what the lastlogon attribute is set to. One of them will show the time the user actually last logged on.

I’m not convinced that lastlogontimestamp is actually reporting the correct time of last logon.

Check if the msDS-LogonTimeSyncInterval of the domain controller has been modified to a longer than expected value

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Dilligaf1
    I have checked on all DC's and not found anything even close to this date. The last date found on any of the DC's was the 13-Nov-2009 07:19:04 PM
    15 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following