A little while ago, I was asked about when a specific user last logged in with their active directory (AD) user account. While looking up that information was easily done, finding out how to look up the information was a mite more challenging. There are a number of ways of achieving it; including command line and Powershell commands. My preferred way of doing it is using the Attribute Editor in Active Directory Users and Computers (ADUC). Here’s how:
- Open ADUC
- Go to View, and activate Advanced Features
- Search AD for the account in question, and open its properties
- Go to the Object tab, and make a note of where (which OU) the account is located
- Browse to the OU and open properties of the object
- Go to the Attribute Editor tab
From there, you can browse the attributes set on the AD Object. In this specific case, you will want the “lastLogonTimestamp” attribute:
By posting a comment, you consent to our collecting the information you enter. See privacy policy for more information.