Active Directory中用户的错误LastLogonTimeStamp值 [英] Incorrect LastLogonTimeStamp Value of user in Active Directory

问题描述

我在Active Directory中使用用户的LastLogonTimeStamp属性获取上次登录日期时间，值不一致，

I'm using LastLogonTimeStamp property of user in Active Directory to get the Last logon date time, Value isn't consistent,

还有其他人遇到同样的问题吗?

Any one else faced same issue?

我们可以信任LastLogonTimeStamp吗?

Can we trust the LastLogonTimeStamp?

更新: 只是一个域控制器

Update: It's just one Domain Controller

推荐答案

LastLogonTimeStamp根据设计仅在用户登录且当前值在9到14天之间时才更新.他们这样做是为了减少AD中的复制流量.

LastLogonTimeStamp by design only gets updated when the user logs in and the current value is between 9 and 14 days old. They did this to cut down on replication traffic in AD.

此

请务必注意 的预期目的 lastLogontimeStamp属性可提供帮助 识别不活动的计算机和用户 帐户. lastLogon属性是 不旨在提供实时 登录信息.默认情况下 设置到位 lastLogontimeStamp将是9-14天 在当前日期之后.

It is important to note that the intended purpose of the lastLogontimeStamp attribute to help identify inactive computer and user accounts. The lastLogon attribute is not designed to provide real time logon information. With default settings in place the lastLogontimeStamp will be 9-14 days behind the current date.

如果要获取用户的实际最后登录信息，则必须从域中的每个域控制器中提取lastLogon属性，并使用最新值.

If you want the real last logon information for a user, you have to pull the lastLogon attribute from each domain controller in the domain and use the most recent value.

这篇关于Active Directory中用户的错误LastLogonTimeStamp值的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！