how do I discover "distinct" computers in my domain

Discussion in 'Active Directory' started by gila, Oct 21, 2005.

  1. gila

    gila Guest

    Dear All,
    I'm trying to list all the "distinct" computers in my domain i.e. those that
    have not broadcast any life signs during the last 30 days. The OLDCMP.EXE
    only regards user logon activity and password expired information and not
    broadcasting of computer in the network. I am using Windows Server 2003
    Active Directory.
    gila, Oct 21, 2005
    1. Advertisements

  2. gila

    gila Guest

    Dear All,
    I meant extinct and not distinct.
    gila, Oct 21, 2005
    1. Advertisements

  3. Hi,

    If your Windows 2003 domain is in native mode, you can do a query on
    the lastLogonTimestamp attribute. Note that this attribute is only
    updated on a weekly basis though.

    The below is relevant for both user and computer accounts.

    From the docs for lastLogonTimestamp:

    This is the time that the user last logged into the domain. This value
    is only updated when the user logs in if a week has passed since the
    last update. This value is replicated.

    When the domain functional level has been set to Windows Server 2003,
    a new lastLogonTimestamp attribute is used to track the last logon
    time of a user or computer account.

    Note the once a week update only part and the Windows Server 2003
    domain functional level prerequisite.

    A "Scripting Guys" article about lastLogonTimestamp:

    Dandelions, VCR Clocks, and Last Logon Times: These are a Few of Our
    Least Favorite Things
    Torgeir Bakken \(MVP\), Oct 21, 2005
  4. That isn't what he is asking for as that is what oldcmp takes care of for people.

    He wants, IMO, a tool that can look to see if a computer has sent any traffic
    out over the network in the last thirty days which is pretty much impossible
    unless you have something running on the network hardware itself calculating
    stats for every packet it sees which would almost certainly be MAC based versus
    IP based and would have to live on every separate physical portion that has a
    unique subnet space. I.E. It couldn't for instance just live on routers because
    routers don't see all traffic, this is more like it would have to live on the
    switches themselves.
    Joe Richards [MVP], Oct 21, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.