Cisco ASA - AAA Users last logon

Similar Messages

• DB USER Last Logon Date

  Hi All,
  How to find a Database USER last logon date on 10g? by script.
  Thanks,

  You need to enable auditing to view history in audit files. In v$session you can see only connected sessions.
  http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:1830073957439
  http://www.dba-oracle.com/art_builder_sec_audit.htm

• User last logon table

  Hi experts,
  Anyone knows what is the table where the portal stores the user last logon? The table WCR_USERFIRSTLOGON is for first logon, but... for the last logon?
  Thanks in advance,
  Regards,

  Hi Victor,
      First thing there is no seperate table for getting User Last Logon information. But we can get the User Last Logon information
  by fetching data from two Standard tables
  1.WCR_WEBCONTENTSTAT 
  2.WCR_USERPAGEUSAGE. Using the Primary key of table 1 we can compare it  the data with table2 to sort the Last Logon Date for the particular LoginID. Check it you will get a idea.
  This works when all the iViews or Pages for the End-Users have Moniter Users property enabled.
  Regards,
  Nivas
  Edited by: Nivas209 on Jul 5, 2011 7:41 AM

• AD Users Last Logon Time

  Hi Folks,
  I need to generate User's Last logon time from AD database. Could any one please assist me on this.
  Thanks in advance !
  -Chalapathi

  Hi,
  Get-ADUser -Identity USERNAME -Properties LastLogonDate |
  Select SamAccountName, LastLogonDate
  Link to syntax:
  http://ss64.com/ps/get-aduser.html
  EDIT: Just in case:
  http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspx
  Don't retire TechNet! -
  (Don't give up yet - 13,085+ strong and growing)

• Portal users - last logon time details

  Hi , 
  We have an requirement to get the list of users who logged in with the Last Logon Information  .
  From Standard Portal activity report ...we can get only the First logon date of the users .
  Kindly let us know the other possibilities to get it .
  Thanks ,
  Keerthi

  Hi Keerthi,
  Apart from Coding there is one option available through Authentication logs,this is tested in NW7.3 iam not sure which version you are using if you are using 7.0 then please check if this is available in 7.0 or not.
  1) Go to NWA
  2) Go to troubleshooting and logs section
  3) Open log viewer and choose Authentication logs from the logs option
  4) Specify the time frame in filter and choose everywhere for the logs to be picked up in generated report ,this wil gather authentication data from all server nodes.
  5) these logs will show each and every login performed bu Useres and it also shows how many times user have logged in to a particular application,choose IRJ as the application.
  6) Export the content to excel file and apply filter ,choose aplication as IRJ and choose date and time and select a user it will show all login with the date and time.
  7) You can feed this data to a predefined excel format and pull out necessary info ,only you need to develop an excel template for your reporting purpose and manually logs requires to be pulled in from NWA to feed the excel .
  this is another way which does not involve any java coding and tested on NW7.3 versions of Portal.
  hope this helps.
  Thx,
  Siddharth

• Export Office 365 User Last Logon Date

  When following this procedure http://technet.microsoft.com/en-US/ms772425 I receive the error below. Any help is appreciated.
  C:\Get-LastLogonStats.ps1 : A parameter cannot be found that matches parameter
  name 'InputFile'.
  At line:1 char:97
  + .\Get-LastLogonStats.ps1 -Office365Username uername@domain -Office365Password
  password -InputFile <<<<  c:\Files\InputFile.txt
      + CategoryInfo          : InvalidArgument: (:) [Get-LastLogonStats.ps1], P
     arameterBindingException
      + FullyQualifiedErrorId : NamedParameterNotFound,Get-LastLogonStats.ps1

  You need to enable auditing to view history in audit files. In v$session you can see only connected sessions.
  http://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:1830073957439
  http://www.dba-oracle.com/art_builder_sec_audit.htm

• How can I see the last logon of one user?

  Hi experts!
  I need to check the last logon of one user.
  How can I check that?
  Thanks a lot!

  Hi Carlos,
  You can check the users last logon to SAP from :-
  SE16N - Table USR02
  <b>Last login is TRDAT - Last logon date
                     LTIME -  Last logon time</b>
  Thanks,
  Vinay

• User last login informatoin in a Portal report

  Hi,
  We are looking any report which can show the Users Last logon dates.   We can see it in GUI but how to get this in Iview report.  Is there any standard report like Portal Activity report.  Portal Acitivty report will show the First logon date but not Last logn date.
  We want to see the users latest logon date.
  thanks
  Naveen

  I do not know if any such report is there but if you just want the last successful logon details you can use ume api lastsuccessfullogondate
  also this thread may be useful for u:
  /thread/9515 [original link is broken]

• Last Logon Inaccurate

  Hi
  I am using this AD Tidy tool and found that a user last logon time was on a Sunday @ 5PM. We have confirmed that the last day for the user is Friday @ 5PM.
  We forgot to disable the account until Monday. But what we find it weird is that this User does not have any remote access back to office and so how did the last logon time still showing on Sunday @ 5PM instead of Friday?
  Could the last logon time be wrong on the AD? We have about 6 DCs across 3 sites (2 DCs in each site)
  Thanks

  Hi
  I am using this AD Tidy tool and found that a user last logon time was on a Sunday @ 5PM. We have confirmed that the last day for the user is Friday @ 5PM.
  We forgot to disable the account until Monday. But what we find it weird is that this User does not have any remote access back to office and so how did the last logon time still showing on Sunday @ 5PM instead of Friday?
  Could the last logon time be wrong on the AD? We have about 6 DCs across 3 sites (2 DCs in each site)
  Thanks
  The date of Sunday is unusual.  I have seen where a last logon of Sunday doesn't reflect in the replication timestamp since it shows as behind the last logon but not ahead of the last logon. So my guess is there was a service, scheduled task -or- Exchange.
  Also note disabling the user (At least it didn't in Exchange 2007) doesn't stop the user from connecting with their phone to read email via ActiveSync.
  http://blogs.technet.com/b/messaging_with_communications/archive/2012/06/26/activesync-disabled-accounts-and-devices-continuing-to-sync.aspx
  Paul Bergson
  MVP - Directory Services
  MCITP: Enterprise Administrator
  MCTS, MCT, MCSE, MCSA, Security, BS CSci
  2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
  Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
  Please no e-mails, any questions should be posted in the NewsGroup.
  This posting is provided AS IS with no warranties, and confers no rights.
  Thanks for the response. I have done a check on OWA login using the Powershell command below to find all the logins in Apr but did not find any. So not sure how the time stamp would be of a future date.
  Select-String “C:\Inetpub\logs\LogFiles\W3SVC1\u_ex1404*.log” -Pattern “/owa/forms/premium/startpage.aspx” | Select-Object
  {$_.ToString().Split(” “)[0,1,7]}
  “C:\Inetpub\logs\LogFiles\W3SVC1\u_ex1404*.log” means all the logs from April 2014
  Select-Object {$_.ToString().Split(” “)[0,1,7]}
  means all column 0, 1 and 7.
  Thanks

• Undocumented/default "pix" User in Cisco ASA

  Hi -
  I came across a username at a new customer I was not aware off: "pix".(I felt like an Idiot looking through "show run all" not seeing the user after 5 years of descent asa/pix experience)
  While I am usually using username/password/priv-level and aaa authentication on my ASA configurations, this customer is using a user "pix" which is invisible in the "show run" and "show run all" command or even the "more system:flash" command. IMO it is a rather bad practice to use a user which would not survive any current configuration backup mechanisms or even worse open a firewall with a default user after some kind of configuration recovery/reset.
  Anybody any Idea why people would use this undocumented user - why there is a user on the Cisco ASA which can be used to login with - or where in the world this user is stored with its password? - Is this a kind of TAC backdoor to lost passwords?
  Regards
  Robert

  "asa" or "pix" are default fallback username that can be used in some scenarios if other authentication methods are unavailable.
  I think we removed them in the latest ASA code (later 8.3 or 8.4).
  I agree with you. This is not secure.

• Search for User by last logon date no longer works after upgrading to SPS18

  We used to be able to Search by last logon date under User Administration as a quick way to find out who logged on for a particular date.  It worked well, but only for a single date range.  We were on EP 6.0 SPS13 at the time.  Since we have upgraded to SPS18, it no longer works.  All we get back now is no user found no matter what date we enter. 
  Has anyone else experienced this problem?  I've been searching and haven't found anything.  I wanted to try and get more information before I create an OSS message.
  Thank you,
  Kathy

  it's since SP16, to be correct: http://help.sap.com/saphelp_nw04/helpdata/en/43/bc6b9202454dece10000000a422035/frameset.htm
  kr, achim

• Custom report toshow the "Last Logon User Name"

  Is it possible to create a custom report to display the "Last Logon User Name" field that appears in the Properties of each computer object ?

  Yes, download the RDL file and modify the report. If the user name is not in one of the current datasets, then you have to add it first.
  Kent Agerlund | My blogs: blog.coretech.dk/kea and
  SCUG.dk/ | Twitter:
  @Agerlund | Linkedin: Kent Agerlund |
  Mastering ConfigMgr 2012 The Fundamentals

• Last Logon User name query attribute not populating

  I have created a query that looks for all desktops in my environment and returns the hostname of the PC, the computer system model, and the last logon user name of each machine.  The problem is about 200 PCs do not have the last logon user name field
  populated.  The remaining 350 desktops and all laptops are reporting this.  I have been looking at this for the last several days but cannot find a reason why.  I verifed the PC have had at least one person log into them.  I thought maybe
  it is an issue with the SCCM client on the PCs so I have tried unistalling/reinstalling the client on a few machines.  After the reinstall is complete, the query shows my domain account as last logged into that PC, as I would expect.  However, no
  matter how many times I log into and out of the same PC with a different domain account, the query doesn't show this.  Can anyone help with some direction with this?  I am running Config Manager 2012 SP1 CU2.
  Thanks in advance.
  Mike G

  Audit logon events it set to capture success and failures.  The Heartbeat Discovery is set to send every week.
  Check your DDM log on site server and look for any error messages.
  I personally run my heartbeat discovery every day.
  You can try to adjust your discovery interval and see if that helps. If you can run it manually and it works, I can't think of anything that it would prevent it from working site wide with currently scheduled interval.
  Also, if you have adjusted your aged data maintenance tasks, this is something worth noting:
  The default schedule for Heartbeat Discovery is set to every 7 days. If you change the heartbeat discovery interval, ensure that it runs more frequently than the site maintenance task Delete
  Aged Discovery Data, which deletes inactive client records from the site database. You can configure the Delete Aged Discovery Data task
  only for primary sites.
  http://technet.microsoft.com/en-us/library/gg712308.aspx#BKMK_HeartbeatDisc

• Is there a system table or V$ view that will show a user's last logon date?

  Is there a system table or V$ view that will show a user's last logon date?
  I'm using Oracle 9.2.0.7

  sqlplus
  SQL*Plus: Release 11.2.0.1.0 Production on Tue Aug 31 12:44:42 2010
  Copyright (c) 1982, 2009, Oracle.  All rights reserved.
  Enter user-name: / as sysdba
  Connected to:
  Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  SQL> desc user$
  Name                            Null?    Type
  USER#                            NOT NULL NUMBER
  NAME                            NOT NULL VARCHAR2(30)
  TYPE#                            NOT NULL NUMBER
  PASSWORD                             VARCHAR2(30)
  DATATS#                       NOT NULL NUMBER
  TEMPTS#                       NOT NULL NUMBER
  CTIME                            NOT NULL DATE
  PTIME                                  DATE
  EXPTIME                             DATE
  LTIME                                  DATE
  RESOURCE$                       NOT NULL NUMBER
  AUDIT$                              VARCHAR2(38)
  DEFROLE                       NOT NULL NUMBER
  DEFGRP#                             NUMBER
  DEFGRP_SEQ#                             NUMBER
  ASTATUS                       NOT NULL NUMBER
  LCOUNT                        NOT NULL NUMBER
  DEFSCHCLASS                             VARCHAR2(30)
  EXT_USERNAME                             VARCHAR2(4000)
  SPARE1                              NUMBER
  SPARE2                              NUMBER
  SPARE3                              NUMBER
  SPARE4                              VARCHAR2(1000)
  SPARE5                              VARCHAR2(1000)
  SPARE6                              DATE

• Get last logon + user name

  Hi Everyone 
  first on all where is the powershell forum ?
  I need help with powershell,
  we have file ( Excel -CSV )  that contains names of 70  computers name ,
  I want to know which user did logon and  who is now is login.
  NOTE :
  I succeed to get the last login but I do not know which user did logon
  I will happy if someone help me , thank you and i appreciate you
  My Website:www.Pelegit.co.il Mcitp /Mcsa 2012

  Hi Meir,
  >>Get last logon + user name
  Regarding this question, the following thread can be referred to for more information.
  How to display last login user account in active directory ?
  https://social.technet.microsoft.com/Forums/en-US/8609ce4d-b15f-447b-bc37-142021b9e00c/how-to-display-last-login-user-account-in-active-directory-?forum=winserverDS
  >>first on all where is the powershell forum ?
  Windows PowerShell
  https://social.technet.microsoft.com/Forums/Windows/en-US/home?forum=winserverpowershell
  Best regards,
  Frank Shen
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]