Data último Logon AD (lastlogon)

Script para verificar a data do último logon do usuário no AD. (www.rlmueller.net )

Abra um notepad, cole o código em azul abaixo e salve como lastlogon.vbs:

Option Explicit
Dim objRootDSE, adoConnection, adoCommand, strQuery
 Dim adoRecordset, strDNSDomain, objShell, lngBiasKey
 Dim lngBias, k, strDN, dtmDate, objDate
 Dim strBase, strFilter, strAttributes, lngHigh, lngLow
' Obtain local Time Zone bias from machine registry.
 Set objShell = CreateObject("Wscript.Shell")
 lngBiasKey = objShell.RegRead("HKLM\System\CurrentControlSet\Control\" _
     & "TimeZoneInformation\ActiveTimeBias")
 If (UCase(TypeName(lngBiasKey)) = "LONG") Then
     lngBias = lngBiasKey
 ElseIf (UCase(TypeName(lngBiasKey)) = "VARIANT()") Then
     lngBias = 0
     For k = 0 To UBound(lngBiasKey)
         lngBias = lngBias + (lngBiasKey(k) * 256^k)
     Next
 End If
 Set objShell = Nothing
' Determine DNS domain from RootDSE object.
 Set objRootDSE = GetObject("LDAP://RootDSE")
 strDNSDomain = objRootDSE.Get("defaultNamingContext")
 Set objRootDSE = Nothing
' Use ADO to search Active Directory.
 Set adoCommand = CreateObject("ADODB.Command")
 Set adoConnection = CreateObject("ADODB.Connection")
 adoConnection.Provider = "ADsDSOObject"
 adoConnection.Open "Active Directory Provider"
 adoCommand.ActiveConnection = adoConnection
' Search entire domain.
 strBase = "<LDAP://" & strDNSDomain & ">"
' Filter on all user objects.
 strFilter = "(&(objectCategory=person)(objectClass=user))"
' Comma delimited list of attribute values to retrieve.
 strAttributes = "distinguishedName,lastLogonTimeStamp"
' Construct the LDAP syntax query.
 strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
' Run the query.
 adoCommand.CommandText = strQuery
 adoCommand.Properties("Page Size") = 100
 adoCommand.Properties("Timeout") = 60
 adoCommand.Properties("Cache Results") = False
 Set adoRecordset = adoCommand.Execute
' Enumerate resulting recordset.
 Do Until adoRecordset.EOF
    ' Retrieve attribute values for the user.
     strDN = adoRecordset.Fields("distinguishedName").Value
     ' Convert Integer8 value to date/time in current time zone.
     On Error Resume Next
     Set objDate = adoRecordset.Fields("lastLogonTimeStamp").Value
     If (Err.Number <> 0) Then
         On Error GoTo 0
         dtmDate = #1/1/1601#
     Else
         On Error GoTo 0
         lngHigh = objDate.HighPart
         lngLow = objDate.LowPart
         If (lngLow < 0) Then
             lngHigh = lngHigh + 1
         End If
         If (lngHigh = 0) And (lngLow = 0 ) Then
             dtmDate = #1/1/1601#
         Else
             dtmDate = #1/1/1601# + (((lngHigh * (2 ^ 32)) _
                 + lngLow)/600000000 - lngBias)/1440
         End If
     End If
     ' Display values for the user.
     If (dtmDate = #1/1/1601#) Then
         Wscript.Echo strDN & ";Never"
     Else
         Wscript.Echo strDN & ";" & dtmDate
     End If
     adoRecordset.MoveNext
 Loop
' Clean up.
 adoRecordset.Close
 adoConnection.Close
 Set adoConnection = Nothing
 Set adoCommand = Nothing
 Set adoRecordset = Nothing
 Set objDate = Nothing

Execute:

cscript lastlogon.vbs > arquivo.txt

E era isto…

Deixe uma resposta

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s