[Solved] Fetching Active Directory user lastLogon attribute

[BGM]

In my project I want to extract some attribute information from a user account in Active Directory.

I have a vbs script converted to work via COM in autohotkey.

The function works with other attributes, like "cn", but it does not work with "lastLogon" - it returns blank.
I read here that the problem comes from the fact that vbs cannot correctly handle 64-bit values.
How can I do this, then?

Code: Select all

	msgbox % GetUserAttribute("bobnewhart", "cn")
	msgbox % GetUserAttribute("bobnewhart", "lastLogon")     ;lastLogon is stored as Interger8 (8 bytes) - but VBS cannot handle 64-bit numbers directly and returns blank

Code: Select all

GetUserAttribute(whatusername, whatattribute){
	objConnection := ComObjCreate("ADODB.Connection")
	objCommand := ComObjCreate("ADODB.Command")
	objRecordset := ComObjCreate("ADODB.Recordset")
	strDomain := ComObjGet("LDAP://rootDSE").Get("defaultNamingContext")
	objConnection.Open("Provider=ADsDSOObject;")
	objCommand.ActiveConnection := objConnection
	 
	objCommand.CommandText := "<LDAP://" . strDomain . ">" . ";(&(objectCategory=person)(objectClass=user)(sAMAccountName=" . whatusername . "))" . ";" . whatattribute . ";subtree"
	objRecordset := objCommand.Execute()
	retval := objRecordset.Fields(whatattribute).value
	alert(objRecordset.Fields(whatattribute) )
	
	objRelease(objDomain)
	objRelease(objConnection)
	objRelease(objCommand)	
	return retval
}

In the link I referenced, the fellow has a way of converting the timestamp integer into a date, but I haven't figured out how to get this into COM yet:
VBS Code:

Code: Select all

' Example VBScript to display when an object last logged on
' Version 2.0 - August 2005
' ---------------------------------------------------------'
Option Explicit
Dim objOU, objUser, objRootDSE, objLastLogon
Dim strContainer, strDNSDomain
Dim intLastLogonTime, intGuyTime
' --------------------------------------------------------'
' Note: Please change OU=Droitwich, to reflect your domain
' --------------------------------------------------------'
strContainer = "OU=Droitwich, "

Set objRootDSE = GetObject("LDAP://RootDSE")
strDNSDomain = objRootDSE.Get("DefaultNamingContext")

strContainer = strContainer & strDNSDomain
set objOU =GetObject("LDAP://" & strContainer )
For Each objUser In objOU
Set objLastLogon = objUser.Get("lastLogon")
intLastLogonTime = objLastLogon.HighPart * (2^32) + objLastLogon.LowPart
intLastLogonTime = intLastLogonTime / (60 * 10000000)
intLastLogonTime = intLastLogonTime / 1440

Wscript.Echo objUser.givenName & " 's last logon time: " _
& intLastLogonTime + #1/1/1601#
Next
WScript.Quit

' End of lastLogon example VBScript

In particular, how do I render *this* in ahk?
objLastLogon := objUser.Get("lastLogon")

[gilliduck]

If no one answers this to your satisfaction, check back tomorrow. I'm not at work so I don't have access to Active Directory at the moment, but I've got a few handy scripts I've made to interface with it that might just do what you need.

[BGM]

Great! Thanks for answering.

[timelizards]

Combining two functions I found on the forums I was able to get within a day (seems like some kind of rounding or locale issue). I do not think the error is with the functions but rather my implementation. Also I chose to use the LastLogonTimestamp property because i think this value is replicated across domain controllers.

I gave it my best shot but Im leaving for the day. Im sorry i did not have time to use your original code.

first off, credit due, i am not the author of any of this code, however i did find it on the forums. also thank you for posting links to your resources as they were valuable in getting this far.

FUNCTIONS:

by "polyethene"
llt(i)
http://www.autohotkey.com/board/topic/1 ... onversion/

by "Xanthus"
FindDistinguishedName(_Item)
http://www.autohotkey.com/board/topic/7 ... recrusive/

Code: Select all

ComObjError(false)

userdn := FindDistinguishedName("useridhere")

_objUser := ComObjGet("LDAP://" . userdn)

objLastLogonTimestamp := _objUser.lastLogontimestamp

intLastLogonTime := objLastLogonTimestamp.HighPart * (2**32) + objLastLogonTimestamp.LowPart

x := llt(intLastLogonTime)

FormatTime, y, %x%

MsgBox, %y%
	
llt(i)
{
	i /= 864000000000 ; total number of 100-nanosecond intervals in an SI day
	t = 16010101
	t += i, d
	Return, t
}	

FindDistinguishedName(_Item)
{
	;This finds a full DN name from a short name or a samaccount name.

	try {
		;MsgBox, FindDistinguishedName(_Item)
		MembersOfGroup := Object()
		objRootDSE := ComObjGet("LDAP://rootDSE")
		strDomain := objRootDSE.Get("defaultNamingContext")
		strADPath := "LDAP://" . strDomain
		objDomain := ComObjGet(strADPath)
		objConnection := ComObjCreate("ADODB.Connection")
		objConnection.Open("Provider=ADsDSOObject")
		objCommand := ComObjCreate("ADODB.Command")
		objCommand.ActiveConnection := objConnection

		objCommand.CommandText := "<" . strADPath . ">;(|(name=" . _Item . ")(sAMAccountName=" . _Item . "));distinguishedName;subtree"
		objRecordSet := objCommand.Execute
		objRecordCount := objRecordSet.RecordCount
		objOutputVar :=
		While !objRecordSet.EOF
		{
		  _Item := objRecordSet.Fields.Item("distinguishedName").value
		  objRecordSet.MoveNext
		}
	}
	catch {
		; Ooops
	}
	objRelease(objRootDSE)
	objRelease(objDomain)
	objRelease(objConnection)
	objRelease(objCommand)

	return _Item
}	
	
	
	

[BGM]

@timelizards - say, that's right nice! It works perfectly! Okay, now I have to go and figure out how it works so I can adapt it into my project.
Thank you very much! I'll say some Hail Mary's for you.