如何使用户从Active Directory上次登录

Question

I am trying to work with active directory to get users information. For the most part, it's working. The problem is I cant seem to get a users last logon date. Anyone have any suggestions? My code is as follows:

    Public Shared Function GetUsersByUsername(ByVal Username As String) As ADUser
    Dim myUser As New ADUser
    Dim oroot As DirectoryEntry = New DirectoryEntry("GC://ldap.myCompany.com")
    Dim osearcher As DirectorySearcher = New DirectorySearcher(oroot)
    Dim result As SearchResult

    osearcher.Filter = String.Format("(&(SAMAccountName={0}))", Username)
    osearcher.PropertiesToLoad.Add("cn")
    osearcher.PropertiesToLoad.Add("SAMAccountName")   'Users login name  
    osearcher.PropertiesToLoad.Add("givenName")    'Users first name  
    osearcher.PropertiesToLoad.Add("sn")   'Users last name  
    osearcher.PropertiesToLoad.Add("mail")   'Email address       
    osearcher.PropertiesToLoad.Add("accountExpires") 'expiration date

    result = osearcher.FindOne
    Try
        Dim userPath As String() = result.Path.ToString.Split(New Char() {","c})
        Dim parsedString As String
        Dim User As DirectoryEntry
        Dim expirationDate As String

        User = result.GetDirectoryEntry()

        myUser.UserID = result.Properties("cn").Item(0)
        myUser.EmailAddress = result.Properties("mail").Item(0)
        myUser.FirstName = result.Properties("givenName").Item(0)
        myUser.LastName = result.Properties("sn").Item(0)         

        expirationDate = result.Properties("accountExpires").Item(0)

        If (isAccountLocked(User) = True) Then
            myUser.Status = ADUser.AccountStatus.Locked
        ElseIf (isAccountEnabled(User) = False) Then
            myUser.Status = ADUser.AccountStatus.Disabled
        ElseIf (isAccountExpired(expirationDate) = True) Then
            myUser.Status = ADUser.AccountStatus.Expired
        Else
            myUser.Status = ADUser.AccountStatus.Active
        End If

        parsedString = userPath((userPath.Length - 3))
        myUser.Domain = parsedString.Substring(3, parsedString.Length - 3)

    Catch ex As Exception
        Return Nothing
    End Try

    Return myUser
End Function

Answer 1

works for me:

1. Load the property:

    osearcher.PropertiesToLoad.Add("lastLogon") 

2. Access it:

    dim myDateInterval = result.Properties("lastLogon").Item(0) 

Note you'll get back an interval value. It's 64-bit, unsigned, I think. There are some casting methods in .NET, but they only take signed 64-bit. Haven't checked how many years ahead that would be before it was an issue!

Also, if you use the newer UserPrincipal from DirectoryServices then it's got lastlogon in it, that returns a nullable date.

Answer 2

Have you tried the 'lastLogon' LDAP attribute? Your code looks good, I'm guessing you're just not sure where the information is stored in AD?