Cisco ASA - AAA Users last logon
Hello,
I'm somewhat novice when it comes to ASA so I'm hopeing someone can help me figure out a way to determine the last logon of the AAA Local Users? I would like to cleanup all the inactive users since we use mostly Citrix now-a-days and all other users are supposed to be AD Authenticated through the ASA. In other words, most of the 40 local account should be inactive although some may still be used and I need to determine which. Anyone have any ideas?
Thanks,
Nick
It is possible using AAA server (using protocol LDAP, Kerbrose, Radius or TACACS) .
Have a look at following link:
http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008070317f.html
Regards
Rohit Chopra
Similar Messages
-
Hi All,
How to find a Database USER last logon date on 10g? by script.
Thanks,You need to enable auditing to view history in audit files. In v$session you can see only connected sessions.
http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:1830073957439
http://www.dba-oracle.com/art_builder_sec_audit.htm -
Hi experts,
Anyone knows what is the table where the portal stores the user last logon? The table WCR_USERFIRSTLOGON is for first logon, but... for the last logon?
Thanks in advance,
Regards,Hi Victor,
First thing there is no seperate table for getting User Last Logon information. But we can get the User Last Logon information
by fetching data from two Standard tables
1.WCR_WEBCONTENTSTAT
2.WCR_USERPAGEUSAGE. Using the Primary key of table 1 we can compare it the data with table2 to sort the Last Logon Date for the particular LoginID. Check it you will get a idea.
This works when all the iViews or Pages for the End-Users have Moniter Users property enabled.
Regards,
Nivas
Edited by: Nivas209 on Jul 5, 2011 7:41 AM -
Hi Folks,
I need to generate User's Last logon time from AD database. Could any one please assist me on this.
Thanks in advance !
-ChalapathiHi,
Get-ADUser -Identity USERNAME -Properties LastLogonDate |
Select SamAccountName, LastLogonDate
Link to syntax:
http://ss64.com/ps/get-aduser.html
EDIT: Just in case:
http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspx
Don't retire TechNet! -
(Don't give up yet - 13,085+ strong and growing) -
Portal users - last logon time details
Hi ,
We have an requirement to get the list of users who logged in with the Last Logon Information .
From Standard Portal activity report ...we can get only the First logon date of the users .
Kindly let us know the other possibilities to get it .
Thanks ,
KeerthiHi Keerthi,
Apart from Coding there is one option available through Authentication logs,this is tested in NW7.3 iam not sure which version you are using if you are using 7.0 then please check if this is available in 7.0 or not.
1) Go to NWA
2) Go to troubleshooting and logs section
3) Open log viewer and choose Authentication logs from the logs option
4) Specify the time frame in filter and choose everywhere for the logs to be picked up in generated report ,this wil gather authentication data from all server nodes.
5) these logs will show each and every login performed bu Useres and it also shows how many times user have logged in to a particular application,choose IRJ as the application.
6) Export the content to excel file and apply filter ,choose aplication as IRJ and choose date and time and select a user it will show all login with the date and time.
7) You can feed this data to a predefined excel format and pull out necessary info ,only you need to develop an excel template for your reporting purpose and manually logs requires to be pulled in from NWA to feed the excel .
this is another way which does not involve any java coding and tested on NW7.3 versions of Portal.
hope this helps.
Thx,
Siddharth -
Export Office 365 User Last Logon Date
When following this procedure http://technet.microsoft.com/en-US/ms772425 I receive the error below. Any help is appreciated.
C:\Get-LastLogonStats.ps1 : A parameter cannot be found that matches parameter
name 'InputFile'.
At line:1 char:97
+ .\Get-LastLogonStats.ps1 -Office365Username uername@domain -Office365Password
password -InputFile <<<< c:\Files\InputFile.txt
+ CategoryInfo : InvalidArgument: (:) [Get-LastLogonStats.ps1], P
arameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Get-LastLogonStats.ps1You need to enable auditing to view history in audit files. In v$session you can see only connected sessions.
http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:1830073957439
http://www.dba-oracle.com/art_builder_sec_audit.htm -
How can I see the last logon of one user?
Hi experts!
I need to check the last logon of one user.
How can I check that?
Thanks a lot!Hi Carlos,
You can check the users last logon to SAP from :-
SE16N - Table USR02
<b>Last login is TRDAT - Last logon date
LTIME - Last logon time</b>
Thanks,
Vinay -
User last login informatoin in a Portal report
Hi,
We are looking any report which can show the Users Last logon dates. We can see it in GUI but how to get this in Iview report. Is there any standard report like Portal Activity report. Portal Acitivty report will show the First logon date but not Last logn date.
We want to see the users latest logon date.
thanks
NaveenI do not know if any such report is there but if you just want the last successful logon details you can use ume api lastsuccessfullogondate
also this thread may be useful for u:
/thread/9515 [original link is broken] -
Hi
I am using this AD Tidy tool and found that a user last logon time was on a Sunday @ 5PM. We have confirmed that the last day for the user is Friday @ 5PM.
We forgot to disable the account until Monday. But what we find it weird is that this User does not have any remote access back to office and so how did the last logon time still showing on Sunday @ 5PM instead of Friday?
Could the last logon time be wrong on the AD? We have about 6 DCs across 3 sites (2 DCs in each site)
ThanksHi
I am using this AD Tidy tool and found that a user last logon time was on a Sunday @ 5PM. We have confirmed that the last day for the user is Friday @ 5PM.
We forgot to disable the account until Monday. But what we find it weird is that this User does not have any remote access back to office and so how did the last logon time still showing on Sunday @ 5PM instead of Friday?
Could the last logon time be wrong on the AD? We have about 6 DCs across 3 sites (2 DCs in each site)
Thanks
The date of Sunday is unusual. I have seen where a last logon of Sunday doesn't reflect in the replication timestamp since it shows as behind the last logon but not ahead of the last logon. So my guess is there was a service, scheduled task -or- Exchange.
Also note disabling the user (At least it didn't in Exchange 2007) doesn't stop the user from connecting with their phone to read email via ActiveSync.
http://blogs.technet.com/b/messaging_with_communications/archive/2012/06/26/activesync-disabled-accounts-and-devices-continuing-to-sync.aspx
Paul Bergson
MVP - Directory Services
MCITP: Enterprise Administrator
MCTS, MCT, MCSE, MCSA, Security, BS CSci
2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
Please no e-mails, any questions should be posted in the NewsGroup.
This posting is provided AS IS with no warranties, and confers no rights.
Thanks for the response. I have done a check on OWA login using the Powershell command below to find all the logins in Apr but did not find any. So not sure how the time stamp would be of a future date.
Select-String “C:\Inetpub\logs\LogFiles\W3SVC1\u_ex1404*.log” -Pattern “/owa/forms/premium/startpage.aspx” | Select-Object
{$_.ToString().Split(” “)[0,1,7]}
“C:\Inetpub\logs\LogFiles\W3SVC1\u_ex1404*.log” means all the logs from April 2014
Select-Object {$_.ToString().Split(” “)[0,1,7]}
means all column 0, 1 and 7.
Thanks -
Undocumented/default "pix" User in Cisco ASA
Hi -
I came across a username at a new customer I was not aware off: "pix".(I felt like an Idiot looking through "show run all" not seeing the user after 5 years of descent asa/pix experience)
While I am usually using username/password/priv-level and aaa authentication on my ASA configurations, this customer is using a user "pix" which is invisible in the "show run" and "show run all" command or even the "more system:flash" command. IMO it is a rather bad practice to use a user which would not survive any current configuration backup mechanisms or even worse open a firewall with a default user after some kind of configuration recovery/reset.
Anybody any Idea why people would use this undocumented user - why there is a user on the Cisco ASA which can be used to login with - or where in the world this user is stored with its password? - Is this a kind of TAC backdoor to lost passwords?
Regards
Robert"asa" or "pix" are default fallback username that can be used in some scenarios if other authentication methods are unavailable.
I think we removed them in the latest ASA code (later 8.3 or 8.4).
I agree with you. This is not secure. -
Search for User by last logon date no longer works after upgrading to SPS18
We used to be able to Search by last logon date under User Administration as a quick way to find out who logged on for a particular date. It worked well, but only for a single date range. We were on EP 6.0 SPS13 at the time. Since we have upgraded to SPS18, it no longer works. All we get back now is no user found no matter what date we enter.
Has anyone else experienced this problem? I've been searching and haven't found anything. I wanted to try and get more information before I create an OSS message.
Thank you,
Kathyit's since SP16, to be correct: http://help.sap.com/saphelp_nw04/helpdata/en/43/bc6b9202454dece10000000a422035/frameset.htm
kr, achim -
Custom report toshow the "Last Logon User Name"
Is it possible to create a custom report to display the "Last Logon User Name" field that appears in the Properties of each computer object ?
Yes, download the RDL file and modify the report. If the user name is not in one of the current datasets, then you have to add it first.
Kent Agerlund | My blogs: blog.coretech.dk/kea and
SCUG.dk/ | Twitter:
@Agerlund | Linkedin: Kent Agerlund |
Mastering ConfigMgr 2012 The Fundamentals -
Last Logon User name query attribute not populating
I have created a query that looks for all desktops in my environment and returns the hostname of the PC, the computer system model, and the last logon user name of each machine. The problem is about 200 PCs do not have the last logon user name field
populated. The remaining 350 desktops and all laptops are reporting this. I have been looking at this for the last several days but cannot find a reason why. I verifed the PC have had at least one person log into them. I thought maybe
it is an issue with the SCCM client on the PCs so I have tried unistalling/reinstalling the client on a few machines. After the reinstall is complete, the query shows my domain account as last logged into that PC, as I would expect. However, no
matter how many times I log into and out of the same PC with a different domain account, the query doesn't show this. Can anyone help with some direction with this? I am running Config Manager 2012 SP1 CU2.
Thanks in advance.
Mike GAudit logon events it set to capture success and failures. The Heartbeat Discovery is set to send every week.
Check your DDM log on site server and look for any error messages.
I personally run my heartbeat discovery every day.
You can try to adjust your discovery interval and see if that helps. If you can run it manually and it works, I can't think of anything that it would prevent it from working site wide with currently scheduled interval.
Also, if you have adjusted your aged data maintenance tasks, this is something worth noting:
The default schedule for Heartbeat Discovery is set to every 7 days. If you change the heartbeat discovery interval, ensure that it runs more frequently than the site maintenance task Delete
Aged Discovery Data, which deletes inactive client records from the site database. You can configure the Delete Aged Discovery Data task
only for primary sites.
http://technet.microsoft.com/en-us/library/gg712308.aspx#BKMK_HeartbeatDisc -
Is there a system table or V$ view that will show a user's last logon date?
Is there a system table or V$ view that will show a user's last logon date?
I'm using Oracle 9.2.0.7sqlplus
SQL*Plus: Release 11.2.0.1.0 Production on Tue Aug 31 12:44:42 2010
Copyright (c) 1982, 2009, Oracle. All rights reserved.
Enter user-name: / as sysdba
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> desc user$
Name Null? Type
USER# NOT NULL NUMBER
NAME NOT NULL VARCHAR2(30)
TYPE# NOT NULL NUMBER
PASSWORD VARCHAR2(30)
DATATS# NOT NULL NUMBER
TEMPTS# NOT NULL NUMBER
CTIME NOT NULL DATE
PTIME DATE
EXPTIME DATE
LTIME DATE
RESOURCE$ NOT NULL NUMBER
AUDIT$ VARCHAR2(38)
DEFROLE NOT NULL NUMBER
DEFGRP# NUMBER
DEFGRP_SEQ# NUMBER
ASTATUS NOT NULL NUMBER
LCOUNT NOT NULL NUMBER
DEFSCHCLASS VARCHAR2(30)
EXT_USERNAME VARCHAR2(4000)
SPARE1 NUMBER
SPARE2 NUMBER
SPARE3 NUMBER
SPARE4 VARCHAR2(1000)
SPARE5 VARCHAR2(1000)
SPARE6 DATE -
Get last logon + user name
Hi Everyone
first on all where is the powershell forum ?
I need help with powershell,
we have file ( Excel -CSV ) that contains names of 70 computers name ,
I want to know which user did logon and who is now is login.
NOTE :
I succeed to get the last login but I do not know which user did logon
I will happy if someone help me , thank you and i appreciate you
My Website:www.Pelegit.co.il Mcitp /Mcsa 2012Hi Meir,
>>Get last logon + user name
Regarding this question, the following thread can be referred to for more information.
How to display last login user account in active directory ?
https://social.technet.microsoft.com/Forums/en-US/8609ce4d-b15f-447b-bc37-142021b9e00c/how-to-display-last-login-user-account-in-active-directory-?forum=winserverDS
>>first on all where is the powershell forum ?
Windows PowerShell
https://social.technet.microsoft.com/Forums/Windows/en-US/home?forum=winserverpowershell
Best regards,
Frank Shen
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]
Maybe you are looking for
-
I just installed PSE8 for Mac running OSX 10.5.8. When I click on PSE I get an error message "There was an error opening this document. The file is damaged and could not be repaired". I'm not trying to open any documents, just the program. When I
-
How to add text and objects (arrows) over a PDF document?
I am only familiar with Adobe Reader. Looking for the least expensive Adobe product that would allow me to add text and arrows over an existing PDF document. Not looking to edit (change) document other than add a "layer" over the original. Basic s
-
Transferring workspace from CC to CS6
how do i transfer my workspace and edit individual colors and shapes in CS 6. I was usuing CC previously. It allows me to paste all the graphics but i cant edit individually. thanks!
-
Data Inconsistency; Partition /BIC/B0000 not deleted
Hello Experts, I have created a process chain that deletes the change logs from different DSOs. When I scheduled it to run this morning, I got the error message saying 'Data inconsistency; Partition /BIC/B0000254000 not deleted'. I then checked the c
-
Hi Iam Ravi Kishore from Hyderabad, I have completed my MBA(HR) in last month i.e june 2006. I would like to learn Oracle HRMS. Please guide which module i should study and how is that going to be useful for me and also let me know the companies that