No announcement yet.

Last Logon - Error on DCs

  • Filter
  • Time
  • Show
Clear All
new posts

  • Last Logon - Error on DCs

    I am using Hyena to manage our internal AD domain (LDAP:// plus an external AD domain (LDAP:// Both running Win2k3.

    Resolving the last logon date from all DCs in the internal domain works fine, using the "Check All Domain Controllers" button, and returns results from all DCs. However not so on the external DC.

    There are 2 DCs in the external domain: \\EXT-DC01.EXT.XYZ.US and \\EXT-DC02.EXT.XYZ.US. I have the ADSI Path set in Object Manager and thus am able to manage the domain. When I click the "Check All Domain Controllers" button I get a result like this:

    \\EXT-DC02 Error
    \\EXT-DC01 Error
    \\EXT-DC01.EXT.XYZ.US 04/04/2011 03:22 PM

    So it seems like it might be some kind of name resolution thing but I'm at a loss at how to correct it. I get the same results when I fill in the ADSI Server in Object Manager. I get a success from the one I've listed but 2 failures where the DC name shows but no fully qualified domain.

    Please help.

  • #2
    Re: Last Logon - Error on DCs

    2 things to experiment with:

    1. Go to File->Manage Object View, click on the domain you are having trouble with and click the button beside the ADSI Path box. Find the domain there and let it fill in the proper path. Try again and see if that makes a difference.

    2. Go to Tools->Settings->Active Directory and check the box to Use DNS Computer Paths. After making this change, refresh the user list and test again to see if that makes any difference.


    • #3
      Re: Last Logon - Error on DCs

      Instead of using the User Logon Information, have you tried just adding the Attribute LastLogonTimeStamp in the ADQueries under Object Manager Configuration. AD synchronizes this attribute amongst your domain controllers.

      You can transverse the entire domain looking for just users and see last log on for ever one.

      [This message has been edited by Trammel (edited 06-09-2011).]


      • #4
        Re: Last Logon - Error on DCs

        EXCELLENT! Thanks Trammel.

        cmccullough - I tried your 2 experiments (had already chosen the ADSI path). Checked the "DNS Computer Paths" option but that didn't work. Seemed like it would have because it seems to be failing because it is not using the FQDN. However, it is still succeeding on the DC that is the source, using its FQDN, and then failing for both DCs (hostname only).

        I can accomplish what I need using Trammel's suggestion. So I'm good. However, if you do decide to look into this further and fix it I'd be interested in hearing what you find.



        • #5
          Re: Last Logon - Error on DCs

          The problem is caused by this function not showing the DCs in the FQDN format. Basically, the function only shows and uses the Netbios name. The solution, which is being implemented now, is to check the settings for using DNS names (Tools->Settings->Active Directory) and if set, to use the DNS style name. This should work, and also eliminate the duplicate server name as the DNS is not matching the Netbios name which is causing this.

          This will be fixed in the next patch/update.

          Thanks for reporting this problem.
          Kevin Stanush
          SystemTools Software Inc.


          • #6
            Re: Last Logon - Error on DCs

            This problem has been fixed in rev 'D' of Hyena v8.6, available now. If you have the option turned on to use DNS paths (Tools->Settings->Ad), then Hyena will use a DNS name for the DC names.
            Kevin Stanush
            SystemTools Software Inc.