Generating a report of user logon hours
Paul
Is it possible to export user logon hours details from Active Directory. We
have a large organisation and need to see which users have access to the
system after 6pm.
Thanks
Paul
HPK
View permitted logon hours (VBScript):
http://techtasks.com/code/viewbookcode/1609
HOW TO: Limit User Logon Time in a Domain in Windows Server 2003:
http://support.microsoft.com/?scid=kb%3Ben-us%3B816666&x=13&y=11
Peter
Richard Mueller [MVP]
"HPK" <hpkr...@web.de> wrote in message
news:48488021-edcd-4baf...@2g2000hsn.googlegroups.com...
That program does not adjust for the local time zone bias, so the hours are
UTC (Coordinated Universal Time). The program I use is linked here:
http://www.rlmueller.net/Document%20LogonHours.htm
--
Richard Mueller
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net
--
Richard Mueller [MVP]
"Richard Mueller [MVP]" <rlmuelle...@ameritech.nospam.net> wrote in
message news:%23%239fNOtp...@TK2MSFTNGP02.phx.gbl...
A program to retrieve logonHours for all users in the domain follows. Ths
program outputs the actual hours for each user. You could modify the format
of the output:
=========
' UserLogonHours.vbs
Option Explicit
Dim objShell, lngBias, arrstrDayOfWeek
Dim arrbytLogonHours(20)
Dim arrintLogonHoursBits(167)
Dim bytLogonHours, lngBiasKey
Dim bytLogonHour, intLogonHour, strLine
Dim k, intCounter, intLoopCounter, j, m, strDN
Dim objRootDSE, strDNSDomain, adoCommand, adoConnection
Dim strBase, strFilter, strAttributes, adoRecordset, strQuery
' Determine the time zone bias from the local registry.
Set objShell = CreateObject("Wscript.Shell")
lngBiasKey = objShell.RegRead("HKLM\System\CurrentControlSet\Control\" _
& "TimeZoneInformation\Bias")
If (UCase(TypeName(lngBiasKey)) = "LONG") Then
lngBias = lngBiasKey
ElseIf (UCase(TypeName(lngBiasKey)) = "VARIANT()") Then
lngBias = 0
For k = 0 To UBound(lngBiasKey)
lngBias = lngBias + (lngBiasKey(k) * 256^k)
Next
End If
lngBias = Round(lngBias/60)
' Determine DNS domain name.
Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("defaultNamingContext")
' Use ADO to search Active Directory.
Set adoCommand = CreateObject("ADODB.Command")
Set adoConnection = CreateObject("ADODB.Connection")
adoConnection.Provider = "ADsDSOObject"
adoConnection.Open "Active Directory Provider"
Set adoCommand.ActiveConnection = adoConnection
' Search entire domain.
strBase = "<LDAP://" & strDNSDomain & ">"
' Search for all user objects.
strFilter = "(&(objectCategory=person)(objectClass=user))"
' Comma delimited list of attribute values to retrieve.
strAttributes = "distinguishedName,logonHours"
' Construct the LDAP query.
strQuery = strBase & ";" & strFilter & ";" & strAttributes & ";subtree"
' Run the query.
adoCommand.CommandText = strQuery
adoCommand.Properties("Page Size") = 100
adoCommand.Properties("Timeout") = 30
adoCommand.Properties("Cache Results") = False
Set adoRecordset = adoCommand.Execute
arrstrDayOfWeek = Array("Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat")
' Enumerate the resulting recordset.
Do Until adoRecordset.EOF
' Retrieve values.
strDN = adoRecordset.Fields("distinguishedName").Value
bytLogonHours = adoRecordset.Fields("logonHours").Value
Wscript.Echo strDN
If IsNull(bytLogonHours) Then
Wscript.Echo " All Hours"
Else
' Populate a byte array.
For k = 1 To LenB(bytLogonHours)
arrbytLogonHours(k - 1) = AscB(MidB(bytLogonHours, k, 1))
Next
' Populate a bit array, offset by the time zone bias.
j = 0
For Each bytLogonHour In arrbytLogonHours
For k = 7 To 0 Step -1
m = 8*j + k - lngBias
If (m < 0) Then
m = m + 168
End If
If (bytLogonHour And 2^k) Then
arrintLogonHoursBits(m) = 1
Else
arrintLogonHoursBits(m) = 0
End If
Next
j = j + 1
Next
' Output the bit array, one day per line, 24 hours per day.
intCounter = 0
intLoopCounter = 0
Wscript.Echo " Day"
Wscript.Echo " of ------- Hour of the Day -------"
Wscript.Echo " Week M-3 3-6 6-9 9-N N-3 3-6 6-9 9-M"
For Each intLogonHour In arrintLogonHoursBits
If (intCounter = 0) Then
strLine = arrstrDayOfWeek(intLoopCounter) & " "
intLoopCounter = intLoopCounter + 1
End If
strLine = strLine & intLogonHour
intCounter = intCounter + 1
If (intCounter = 3) Or (intCounter = 6) Or (intCounter = 9) _
Or (intCounter = 12) Or (intCounter = 15) Or (intCounter
= 18) _
Or (intCounter = 21) Then
strLine = strLine & " "
End If
If (intCounter = 24) Then
Wscript.Echo " " & strLine
intCounter = 0
End If
Next
End If
adoRecordset.MoveNext
Loop
' Clean up.
adoRecordset.Close
adoConnection.Close
marikani a
you can view report, i had find the solution from the following blog.. http://serveradministrators.blogspot.com/2011/02/active-directory-users-logon-and-logoff.html
>> On Friday, April 25, 2008 8:54 AM Richard Mueller [MVP] wrote:
>> "HPK" <hpkr...@web.de> wrote in message
>> news:48488021-edcd-4baf...@2g2000hsn.googlegroups.com...
>>
>> That program does not adjust for the local time zone bias, so the hours are
>> UTC (Coordinated Universal Time). The program I use is linked here:
>>
>> http://www.rlmueller.net/Document%20LogonHours.htm
>>
>> --
>> Richard Mueller
>> Microsoft MVP Scripting and ADSI
>> Hilltop Lab - http://www.rlmueller.net
>> --
>>> On Friday, April 25, 2008 9:28 AM Richard Mueller [MVP] wrote:
>>> "Richard Mueller [MVP]" <rlmuelle...@ameritech.nospam.net> wrote in
>>> message news:%23%239fNOtp...@TK2MSFTNGP02.phx.gbl...
>>>
>>>> On Saturday, April 26, 2008 11:35 PM HPK wrote:
>>>> On 25 Apr., 11:09, "Paul" <chewba...@wookie.org> wrote:
>>>>
>>>> View permitted logon hours (VBScript):
>>>> http://techtasks.com/code/viewbookcode/1609
>>>>
>>>> HOW TO: Limit User Logon Time in a Domain in Windows Server 2003:
>>>> http://support.microsoft.com/?scid=kb%3Ben-us%3B816666&x=13&y=11
>>>>
>>>>
>>>> Peter
>>>> Submitted via EggHeadCafe
>>>> SQL Server CLR Stored Procedures for External Access
>>>> http://www.eggheadcafe.com/tutorials/aspnet/08c40d08-af4a-41f6-9352-91ac82b90078/sql-server-clr-stored-procedures-for-external-access.aspx