Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, December 10, 2015 12:14 PM
Hi all,
I want to get the LastLogonDate of Active Directory user using C# code. How can I do this ?
Please help me with the working code.
Thanks.
All replies (5)
Friday, December 11, 2015 2:42 PM âś…Answered
Hey Vishwajeet,
My apologies for any confusion. When you instantiate the DirectoryEntry object, passing a user and password are optional constructor parameters. You could just create the DirectoryEntry object with the LDAP path and have read-only access to AD depending on your environment.
One other option would be to work with your System Administrators and have them create you an AD "service account" that's not tied to any user, and only used specifically for programmatic usages, that you could then pass into the constructor if needed. That would be preferred if you needed specific privileges for any additional operations to AD.
Thursday, December 10, 2015 3:23 PM | 1 vote
Hi Vishwajeet,
I actually use something similar in a service I've already created for my employer. This does not have exception handling within (omitted for clarity) but this works great for my environment.
using System.DirectoryServices;
DirectoryEntry de = new DirectoryEntry("ADDomain", "ADUser", "ADPassword");
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = string.Format("(&(objectCategory=user)(objectClass=user)({0}={1}))", "samAccountName", "YourUser");
ds.PropertiesToLoad.AddRange(new string[] { "samAccountName", "lastLogon" });
SearchResult sr = ds.FindOne();
long lastLogon = (long)sr.Properties["lastLogon"][0];
DateTime dtLastLogon = DateTime.FromFileTime(lastLogon);
With the DateTime dtLastLogon object being the result.
Best of luck!
Friday, December 11, 2015 3:03 AM
Thanks DPCodesalot for your reply. What if I do not know the Password of user. I have to find the lastlogondate of any user and I don't know the Password of user.
In this case what would be code. In above code snippet you have specified user password which I don't know.
Please guide me.
Thanks.
Saturday, December 12, 2015 3:27 AM
I just need to have read-only access to AD so that I can get Lastlogon date of all the users. I don't have to perform any Write Operation to AD. Just Read-only.
Saturday, December 12, 2015 7:22 AM
Thanks for guiding me in the right direction. I used other Constructor of DirectoryEntry class and then used the below code which is same as you have mentioned above but with different version of Constructor. I passed the LDAP path as string in the constructor of DirectoryEntry class. And it gave me the expected output LastLogonDate of AD user.
DirectoryEntry de = new DirectoryEntry("LDAP://corp.nathcorp.com");
DirectorySearcher ds = new DirectorySearcher(de);
ds.Filter = string.Format("(&(objectCategory=user)(objectClass=user)({0}={1}))", "samAccountName", "Vishwajeet.kumar");
ds.PropertiesToLoad.AddRange(new string[] { "samAccountName", "lastLogon" });
SearchResult sr = ds.FindOne();
long lastLogon = (long)sr.Properties["lastLogon"][0];
DateTime dtLastLogon = DateTime.FromFileTime(lastLogon);
Console.ReadLine();
In above code snippet the variable 'dtLastLogon ' contains the lastlogon date.
Thanks again.