Sign in with
Sign up | Sign in
Your question

Logon Inactivity

Last response: in Windows 2000/NT
Share
Anonymous
a b 8 Security
March 31, 2005 7:43:04 PM

Archived from groups: microsoft.public.win2000.security (More info?)

How do you run an inactivity report for Win2000 Network User accounts?
We would like to disable those network user accounts that have not been
active for a specified number of days. Any ideas how we would go about doing
this?

Thanks,
Warner.

More about : logon inactivity

Anonymous
a b 8 Security
April 1, 2005 3:47:33 AM

Archived from groups: microsoft.public.win2000.security (More info?)

There is a problem with Windows 2000 domain controllers in that they do not
replicate the last logged on timestamp. If you have a Windows XP Pro
computer in the domain you can install adminapk for Windows 2003 on it and
use the AD command line tools such as "dsquery user -inactive" to find
inactive accounts but you would have to do such on each domain controller to
get final results. A user may show as never being logged on by a domain
controller that is never used to authenticate him. There may be scripted
solutions to do such for all domain controllers if you have more than a few.
There is also a free tool from Somarsoft called dumpsec that you may want to
try. Though I have not tried it myself with multiple domain controllers
there is an option for "show true last logon time" that is supposed to make
it check all logon servers when you select which which fields to use in
your report for users.--- Steve

http://www.systemtools.com/somarsoft/ --- dumpsec
http://www.microsoft.com/windowsxp/home/using/productdo...


"Warner@nospam.postalias" <Warnernospampostalias@discussions.microsoft.com>
wrote in message news:4301DBF1-8EC9-4758-BC53-557A94A6E23B@microsoft.com...
> How do you run an inactivity report for Win2000 Network User accounts?
> We would like to disable those network user accounts that have not been
> active for a specified number of days. Any ideas how we would go about
> doing
> this?
>
> Thanks,
> Warner.
March 8, 2012 11:29:45 PM

Netwrix inactive users tracker (www.netwrix.com) should work for you. The tool automatically detects, reports and deactivates all user accounts that have been inactive for a specified number of days. I know they also offer a freeware version that detects and reports on inactive accounts, but doesn’t automatically deactivate them.
!