Asking for a friend.
Lastlogon on ALL DC's is 0. But lastlogondate and lastlogontimestamp are valid. My only theory is Lastlogon was to a now decommissioned DC and the user has not logged on since that DC was decommissioned. Waiting on verification that there is in fact a decommissioned DC in the mix.
Any other ideas?
.+-�w��i��0��-�����+���֬

Lastlogon=0
- 105 Views
- Last Post 29 September 2015
Remember, that lastLogontimestamp is updated in several scenarios, while the user HAS NOT actively logged on.
For example, when you check for effective permissions or replicate the password of a user (populate) to an RODC, the lastLogonTimestamp gets updated
Met vriendelijke groeten / Kind regards,
Jorge de Almeida Pinto
o: JorgeDeAlmeidaPinto@xxxxxxxxxxxxxxxx
J: +31 (0)6 26.26.62.80
Hey Jorge,
Could you point me to some document that would list all cases in which the lastLogontimestamp would be updated "systematically"? (without the user not actively loggin on?)
Thanks! - Gabriele.

See for more info:
http://blogs.technet.com/b/askpfeplat/archive/2014/04/14/how-lastlogontimestamp-is-updated-with-kerberos-s4u2self.aspx
Met vriendelijke groeten / Kind regards,
Jorge de Almeida Pinto
o: JorgeDeAlmeidaPinto@xxxxxxxxxxxxxxxx
J: +31 (0)6 26.26.62.80
Great Thanks!
Categories
Search

This Weeks High Earners
-
kebabfest 3
-
TonyTest 2
-
ermitanyo 2
-
MittlemanR 2
-
gustavo_santos 2
-
ahobbs 2
-
William.King 2
-
darren 1
-
webster 1