Sign in to follow this  
Followers 0
TempTrees

Active Directory - LastLogin

4 posts in this topic

I am trying to enumerate sub-ou's and get some counts for the last time users and computers logged-in. As the enumeration proceeds everything is fine until you come to a user or computer who has not logged into that particular domain controller. Rather than just returning a empty string the program errors and exits. Any help would be appreciated.

#include <GUIConstants.au3>
#include <Date.au3>
;===================================================================================================
=============
Dim $ObjWb
Dim $ObjExcel
Dim $x=2,$Total=0,$0_29=0,$30_59=0,$60_89=0,$90_179=0,$180=0,$Never=0
Dim $Object = ""
Dim $StartingOU = "ou=****,ou=*****,dc=****,dc=**,dc=****,dc=****"

InitGUI()

$objDomain = ObjGet("LDAP://" & $StartingOU)
ExcelSetup("Sheet1","TEST"); Sub to make Excel Document

For $ObjMember In $objDomain; go through the collection
    If ($ObjMember.Class = "organizationalUnit" or $ObjMember.Class = "container") Then
        $OuName=$ObjMember.ou
        $OuName=StringLeft($OuName,30)
        $ObjWb.Cells($x,1).Value = $OuName
        enumMembers($ObjMember)
        
        $ObjWb.Cells($x, 2).Value = $Total
        $ObjWb.Cells($x, 3).Value = $0_29
        $ObjWb.Cells($x, 4).Value = $30_59
        $ObjWb.Cells($x, 5).Value = $60_89
        $ObjWb.Cells($x, 6).Value = $90_179
        $ObjWb.Cells($x, 7).Value = $180
        $ObjWb.Cells($x, 8).Value = $Never
        
        $x = $x + 1
        $0_29=0
        $30_59=0
        $60_89=0
        $90_179=0
        $180=0
        $Never=0
        $Total = 0
    EndIf
Next

$objExcel.Range("A1:H" & ($x-1)).Select
$objExcel.Selection.HorizontalAlignment = 3

$objExcel.Visible = 1
MsgBox(0,"Done","Done")
Exit

;------------------------------------------------------------------------------------------------------------------

Func enumMembers($objDomain)
    For $ObjMember In $objDomain; go through the collection
        If ($ObjMember.Class = $Object and $ObjMember.ou <> "Disabled") Then 
            $Total = $Total + 1; Running Total per OU
            $LastLogin=$ObjMember.LastLogin
            If($LastLogin<>"") Then
                $LastLoginDate=StringMid($LastLogin, 1, 4)&"/"&StringMid($LastLogin, 5, 2)&"/"&StringMid($LastLogin, 7, 2)
                $DaysDiff=_DateDiff('d',$LastLoginDate,_NowCalcDate())
                If($DaysDiff<30) Then
                    $0_29+=1
                ElseIf($DaysDiff<60) Then
                    $30_59+=1
                ElseIf($DaysDiff<90) Then
                    $60_89+=1
                ElseIf($DaysDiff<180) Then
                    $90_179+=1
                Else
                    $180+=1
                EndIf
            Else
                $Never+=1
            EndIf
        EndIf

        If (($ObjMember.Class = "organizationalUnit" or $ObjMember.Class = "container") and $ObjMember.ou <> "Disabled") Then
            enumMembers($ObjMember)
        EndIf
    Next
EndFunc

;------------------------------------------------------------------------------------------------------------------------

Func ExcelSetup($shtName,$org); This sub creates an Excel worksheet and adds Column heads to the 1st row
    $objExcel = ObjCreate("Excel.Application")
    $objExcel.DisplayAlerts = FALSE
    $objExcel.Visible = 1
    $ObjWb = $objExcel.Workbooks.Add
    $ObjWb = $objExcel.ActiveWorkbook.Worksheets($shtName)
    $ObjWb.Name = $org; name the sheet
    $ObjWb.Activate

    $ObjWb.Columns(1).ColumnWidth = 15
    $ObjWb.Columns(2).ColumnWidth = 25
    
    $ObjWb.Cells(1, 1).Value = "Site Name"
    $ObjWb.Cells(1, 2).Value = "# Of " & $Object & "s In AD"
    $ObjWb.Cells(1, 3).Value = "# Logged-In < 30 Days"
    $ObjWb.Cells(1, 4).Value = "# Logged-In 30-60 Days"
    $ObjWb.Cells(1, 5).Value = "# Logged-In 60-90 Days"
    $ObjWb.Cells(1, 6).Value = "# Logged-In 90-180 Days"
    $ObjWb.Cells(1, 7).Value = "# Logged-In > 180 Days"
    $ObjWb.Cells(1, 8).Value = "# Never Logged-In"
    
    $objExcel.Range("A1:H1").Select
    $objExcel.Selection.Font.Bold = True
    $objExcel.Selection.Interior.ColorIndex = 1
    $objExcel.Selection.Interior.Pattern = 1
    $objExcel.Selection.Font.ColorIndex = 2
    $objExcel.Selection.Font.Size = 12
    $objExcel.Selection.HorizontalAlignment = 3
EndFunc
;------------------------------------------------------------------------------------------------------------------------
Func InitGUI()
    $msg = 0
    
    $GUI = GUICreate("Enumeration Object",250,125,-1,-1,-1,0x00000010); WS_EX_ACCEPTFILES
;GUISetIcon (@WorkingDir & "\tools.ico")
    GUISetFont (14, 400, 4)
    $Label = GUICtrlCreateLabel("Select Enumeration Object:", 13, 5)
    GUISetFont (9, 400,0)
    $Radio_User = GUICtrlCreateRadio ("Users", 50, 40, 50, 20)
    $Radio_Computer = GUICtrlCreateRadio ("Computers", 125, 40, 75, 20)
    $Next = GUICtrlCreateButton("Enumerate", 75, 75, 100)
    
    GUISetState(@SW_SHOW)
    
    While $msg <> $GUI_EVENT_CLOSE
       $msg = GUIGetMsg()
       Select
            Case $msg = $Next
                If(GUICtrlRead($Radio_Computer) = 1) Then
                    $Object = "Computer"
                    ExitLoop
                ElseIf(GUICtrlRead($Radio_User) = 1) Then
                    $Object = "User"
                    ExitLoop
                Else
                    MsgBox(0,"Object","Please Select Computers or Users!")
                EndIf
            Case $msg = $GUI_EVENT_CLOSE
                Exit
       EndSelect
    Wend
    GUIDelete($GUI)
EndFunc

Share this post


Link to post
Share on other sites



OK, that fixed the error. Thanks.

Now, what about if I what to specify which DC to connect to since LastLogin is not replicated a crossed Domain Controllers. How specify a specific DC, not necessarily the one I'm logged into?

Share this post


Link to post
Share on other sites

Nevermind, going to use the LastLogonTimeStamp which does get replicated.

$ObjLastLogin=$ObjMember.LastLogonTimeStamp
$intLogonTime = $ObjLastLogin.HighPart * (2^32) + $ObjLastLogin.LowPart
$intLogonTime = $intLogonTime / (60 * 10000000); Minutes since January 1, 1601
$LastLoginDate = _DateAdd('n',Int($intLogonTime),"1601/01/01 00:00:00")

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0