Find Resources and Connect with members on topics that interest you.

AI - Acquire and Implement

PO - Plan and Organize

DS - Deliver and Support

Please sign in to see your topics.

Subscribe to this discussion

Identify true inactive AD account

Does anyone have any insights to share on this? I understand that some Windows Audit tools like ADManager and DumpSec are able to provide reports of AD accounts with "TRUE" last login dates. I've had feedbacks from IT folks that the "last login date" information from Windows AD listing does not genuinely reflect the real last login date of the user account due to multiple domains used in their environment.

Not sure how this concept works, anyone able to provide more insights on this concept?\

Appreciate the help.
You must sign in to rate content.
(1 ratings)

Comments

RE: Identify true inactive AD account

The simplest solution would be to run the utility on each domain within the enterprise. Depending on the amount of domains this could be quite a task. However, most companies have some type of SIEM that aggregates this information into reports (adhoc report that can go out and scan AD looking at the "lastlogon" property.

Hope that helps!
RKinNCObserver at 8/15/2013 10:57:58 AM Quote
You must sign in to rate content.
(2 ratings)

RE: Identify true inactive AD account

The simplest solution would be to run the utility on each domain within the enterprise. Depending on the amount of domains this could be quite a task. However, most companies have some type of SIEM that aggregates this information into reports (adhoc report that can go out and scan AD looking at the "lastlogon" property.

Hope that helps!
RKinNCObserver at 8/15/2013 10:57:58 AM Quote
You must sign in to rate content.
(2 ratings)

RE: Identify true inactive AD account

The simplest solution would be to run the utility on each domain within the enterprise. Depending on the amount of domains this could be quite a task. However, most companies have some type of SIEM that aggregates this information into reports (adhoc report that can go out and scan AD looking at the "lastlogon" property.

Hope that helps!
RKinNCObserver at 8/15/2013 10:57:58 AM Quote
You must sign in to rate content.
(2 ratings)

Leave a Comment

* required

You must login to leave a comment.