Active Directory - lastLogon vs lastLogonTimestamp - what is the difference?

0
=
0
+
0
No specific Bitcoin Bounty has been announced by author. Still, anyone could send Bitcoin Tips to those who provide a good answer.
0

What is the difference between lastLogon vs lastLogonTimestamp atributes in Active Directory? These attributes contain slightly different values - pls see an example below. I am trying to determine when was the last time that this user has logged in to see if this is a stale user or active user. Seeing different values is confusing. Thanks!

enter image description here

1 Answer

1
=
0
=
$0
Internet users could send Bitcoin Tips to you if they like your answer!

Short Answer:

Timestamp attribute is replicated, the other one is not replicated.

Long Answer:

The difference is that lastLogonTimestamp is replicated to all Domain Controllers in your AD Forest, and lastLogon is only updated on a given local Domain Controller where login has actually happened without further replication. The catch is that local attribute is being updated each time after each login, and replicated attribute is being replicated only after certain interval (14 days by default) to save on a replication traffic. Some more detailed explanation as well as usefull PowerShell commands could be found in this article.

SEND BITCOIN TIPS
1

Too many commands? Learning new syntax?

FavScripts.com is a free tool to save your favorite scripts and commands, then quickly find and copy-paste your commands with just few clicks.

Boost your productivity with FavScripts.com!

Post Answer