How to display last login time when logging into a Windows server?

windows-server-2003 windows-server-2008 security login
17,184

Solution 1

A workaround that would work on both Server 2003 and 2008 would be to use BGInfo from sysinternal with the getCurrentUserLastLoginTime.vbs script from slingfive.com. You'll probably want to make sure you protect the script and the bginfo executable to make sure nobody plays tricks with your last login information.

Solution 2

For Windows Server 2008: this article explains how to enable this feature.

This feature is only available after the Domain Functional Level has been increased to Windows Server 2008. That means that only W2K8 DCs exist in the AD domain and no WNT4, no W2K or W2K3 DCs. Even after increasing the DFL the feature is not available right away.

Change this Group Policy setting if you want to write the information into the directory at logon:

 Computer Configuration\Administrative Templates\Windows Components\Windows Logon Options\
 Display information about previous logons during user logon = ENABLED

Warning: For domain user accounts in Windows Server 2003, Windows 2000 native, or Windows 2000 mixed functional level domains, if you enable this setting, a warning message will appear that Windows could not retrieve the information and the user will not be able to log on. Therefore, you should not enable this policy setting if the domain is not at the Windows Server 2008 domain functional level.

Solution 3

If you only had server 2008 DC's , so you could raise the domain functional level to Windows Server 2008 there is a quick and easy group policy setting to do this.

Unfortunately, if you Server 2003 DC's you need to look at the 'lastLogonTimeStamp' attribute of the user account.

Share:
17,184

Related videos on Youtube

Tanaji Kamble
Author by

Tanaji Kamble

Updated on September 17, 2022

Comments

  • Tanaji Kamble
    Tanaji Kamble over 1 year

    We have been tasked with a security requirement to display the last time a user was logged into the server upon login on our Windows 2003 and 2008 servers. This would apply to local and AD accounts. What is the best way to accomplish this? There doesn't appear to be any built in mechanism to do this and the best idea that we have found was the possibility of using a script with BgInfo.

  • Tanaji Kamble
    Tanaji Kamble almost 15 years
    Yeah, this is what I thought, I just wanted to confirm that there wasn't an easier/better way first.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Default Domain Policy Overriding Custom GPO even though Custom GPO is Enforced
ntrights equivalent/replacement for Server 2008
How to run specific program with root privileges (Ubuntu OS) when no sudo user log into system?
IIS7 give ApplicationPoolIdentity access to a network location
Rewrite login_check functionality in Symfony
Effect of entries in /etc/securetty
How to configure a U2F key(such as a YubiKey) for system wide 2-Factor Authentication?
Where is the username and password stored?
Sudo is also user login password - why? how to change?
18.04: Bionic Beaver: Login Screen: Modify: remove all options for better security