Hey all,
This may be addressed earlier but i am unable to find them here.
our policy is to disable users who have not logged in over 90 days. We have many users who use helpdesk applications and some users using exchange emails. Whenever we run the AD report for last logon and timestamp to disable the users, we get too many complains that the users were actively using the helpdesk application just yesterday or emails etc..
These are mostly remote users and without any vpn or line of sight to DC. Not sure on how to get accurate report and why the applications are not logging the information on DC. Any suggestions pls.
Please go through this article, YOu will get the idea of timestamp.
https://techcommunity.microsoft.com/t5/ask-the-directory-services-team/8220-the-lastlogontimestamp-attribute-8221-8211-8220-what-it-was/ba-p/396204