The Difference Between Active Directory lastLogon and lastoLogonTimeStamp Attributes

Active Directory records two properties that store the last logon time:

lastLogonTimeStamp

The lastLogonTimeStamp attribute is updated sporadically and is therefore only accurate to about 14 days.  This data is replicated to all DNS servers.  This is particularly useful for finding dormant accounts that haven’t been used in months.

lastLogon

The lastLogon attribute is updated at every logon but it is not replicated and will therefore only be accurate if every DNS server is checked.  This is useful for finding the latest logon for an account.

adlogon

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: