Directory Programming .NET

Is there any differences between User lastLogon and Computer lastLogon?
And do we need to query every DC for computer lastLogon like for users ?

Thank You.

It's the same attribute for computers as it is for users.

lastLogon is not replicated so you are correct regarding the need to query each DC for that attribute.

lastLogonTimeStamp is replicated every 14 days.

Both attributes are available on user and computer objects.

http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon.mspx

---

lindstrom.nullsession.com

I apply exactly the same logic of getting lastLogon from every DC for Users and Computers. When I lock the system and logon back, after running getting lastLogon logic from every DC I see that user lastlogon has changed but Computer has not. Should it be the same as user ?

Thank You.

Not sure on this because I have never tried to sniff the computer logon traffic.  The lastLogon attribute is known to not update with NTLM.  If your computer performed the NTLM auth, then it is a good chance this is what happened.

I will ask internally if there are other implications to computer logon and post back.

---

Ryan Dunn
Extemporaneous Mumblings
The .NET Developer's Guide to Directory Services Programming

Here is the answer I got internally, and it makes sense.

Locking/unlocking the workstation is a USER action and unlocking would only affect the user acount, NOT the computer.

The computer would logon when it accesses a server on its own behalf, usually when applying computer group policy or when the SMS client downloads a package to install. It will logon only when it boots up and when it needs to refresh its TGT.

---

Ryan Dunn
Extemporaneous Mumblings
The .NET Developer's Guide to Directory Services Programming

Yes that makes sense,
Thank You very much for explaining that.