Asking for a friend.
Lastlogon on ALL DC's is 0. But lastlogondate and lastlogontimestamp are valid. My only theory is Lastlogon was to a now decommissioned DC and the user has not logged on since that DC was decommissioned. Waiting on verification that there is in fact a decommissioned DC in the mix.
Any other ideas?
.+-�w��i��0��-�����+���֬
Lastlogon=0
- 105 Views
- Last Post 29 September 2015
kennedyjim
posted this
22 September 2015
ZJORZ
posted this
22 September 2015
Remember, that lastLogontimestamp is updated in several scenarios, while the user HAS NOT actively logged on.
For example, when you check for effective permissions or replicate the password of a user (populate) to an RODC, the lastLogonTimestamp gets updated
Met vriendelijke groeten / Kind regards,
Jorge de Almeida Pinto
o: JorgeDeAlmeidaPinto@xxxxxxxxxxxxxxxx
J: +31 (0)6 26.26.62.80
gabriel/tfi
posted this
26 September 2015
Hey Jorge,
Could you point me to some document that would list all cases in which the lastLogontimestamp would be updated "systematically"? (without the user not actively loggin on?)
Thanks! - Gabriele.
ZJORZ
posted this
27 September 2015
See for more info:
http://blogs.technet.com/b/askpfeplat/archive/2014/04/14/how-lastlogontimestamp-is-updated-with-kerberos-s4u2self.aspx
Met vriendelijke groeten / Kind regards,
Jorge de Almeida Pinto
o: JorgeDeAlmeidaPinto@xxxxxxxxxxxxxxxx
J: +31 (0)6 26.26.62.80
gabriel/tfi
posted this
29 September 2015
Great Thanks!
Categories
Search
This Weeks High Earners
-
kebabfest 3
-
TonyTest 2
-
ermitanyo 2
-
MittlemanR 2
-
gustavo_santos 2
-
ahobbs 2
-
William.King 2
-
darren 1
-
webster 1
Hot Topics
