What attribute is used for inactive users? lastlogon or lastlogontimestamp? If lastlogon, is Active Roles querying all domain controllers? We need to have a definitive date, not a date +- 14 days like lastlogontimestamp provides. And pulling lastlogon from a single domain controller is not necessarily accurate since that attribute is not replicated.
- Products
- Solutions
- Resources
- Trials
- Support
- Partners
- Communities