Q. How can I view my Windows Server 2008 and Windows Vista accounts' last-logon information?
March 9, 2008
A. In Server 2008 domain mode, you access Group Policy settings to enable the last-user logon and any unsuccessful attempts. You can find the setting by opening Computer Configuration, selecting Policies, and clicking Administrative Templates. Next select Windows Components, then Windows Logon Options. Finally, enable the "Display information about previous logons during user logon." You must apply this setting to both domain controllers (DCs) and the client machines you want to display last-logon information.
The first time a user logs on, he or she will see a dialog box stating that it’s the first time the user has interactively logged on to the account. On subsequent logons more information is displayed.
The actual logon information is stored with the user object. The values are
msDS-LastSuccessfulInteractiveLogonTime - The last successful interactive logon
msDS-LastFailedInteractiveLogonTime - The last failed interactive logon
msDS-FailedInteractiveLogonCount - The total number of failed interactive logons recorded since the time logon logging was enabled
msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon - The total number of failed interactive logons recorded since the last successful interactive logon
If you have read-only domain controllers (RODCs), the changes are written changes to the RODC and the closest writable DC.
About the Author
You May Also Like