C# (CSharp, C-Sharp) Windows Active Directory last logon

January 7, 2017

Hi guys

Please note, many threads were referred in order to compile the script attached below & all I did was re-arranging in order for better reading/formatting

(And I insure that the script works under following scenarios:

  1. You are a domain administrator
  2. You are administrating Windows 2003 onwards Windows domain
  3. Your puter is connected to the domain network ;)


Referenced websites/threads

  1. http://stackoverflow.com/questions/15775264/searching-for-lastlogon-attribute-of-user-in-multiple-domain-servers
  2. https://www.codeproject.com/kb/security/lastlogonacrossallwindows.aspx#_comments
  3. http://codebeautify.org/csharpviewer (for formatting the C# code)

How to test the code

Start Visual Studio (I am using 2013 Professional edition, you can use any of the community editions to test the scripts)

Create a new C# Console Application and name it llogon (else you need to change the namespace name “llogon” according to the name you have chosen for your new project.

Add the following references to your project

  1. “Framework -> System.DirectoryServices”
  2. “Browse and add -> C:\Windows\System32\activeds.tlb”


using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;

//Added by Rajesh

//using System.Management;
//using System.Data;
using System.DirectoryServices;
using System.DirectoryServices.ActiveDirectory;
//ActiveDS namespace
using ActiveDs; // Namespace added via ref to C:\Windows\System32\activeds.tlb

namespace llogon
    class Program
        static void Main(string[] args)
            // Get the root entry
            DirectoryEntry rootDSE = new DirectoryEntry("LDAP://RootDSE");
            string configurationNamingContext =
            string defaultNamingContext =
            Dictionary<string, Int64> lastLogons = new Dictionary<string, Int64>();
            // Get all the domain controllers
            DirectoryEntry deConfig = new DirectoryEntry("LDAP://" + configurationNamingContext);
            DirectorySearcher dsConfig = new DirectorySearcher(deConfig);
            dsConfig.Filter = "(objectClass=nTDSDSA)";
            foreach (SearchResult srDomains in dsConfig.FindAll())
                DirectoryEntry deDomain = srDomains.GetDirectoryEntry();
                if (deDomain != null)
                    string dnsHostName =
                    // Get all the users for that domain
                                   DirectoryEntry deUsers =
                     new DirectoryEntry("LDAP://" + dnsHostName + "/" + defaultNamingContext);
                    DirectorySearcher dsUsers = new DirectorySearcher(deUsers);
                    dsUsers.Filter = "(&(objectCategory=person)(objectClass=user))";
                    foreach (SearchResult srUsers in dsUsers.FindAll())
                        DirectoryEntry deUser = srUsers.GetDirectoryEntry();
                        if (deUser != null)
                            // Get the distinguishedName and lastLogon for each user
                            // Save the most recent logon for each user in a Dictionary object
                            string distinguishedName = deUser.Properties["distinguishedName"].Value.ToString();
                            Int64 lastLogonThisServer = new Int64();
                            if (deUser.Properties["lastLogon"].Value != null)
                                IADsLargeInteger lgInt =
                                lastLogonThisServer = ((long)lgInt.HighPart << 32) + lgInt.LowPart;

                            // Save the most recent logon for each user in a Dictionary object
                            if (lastLogons.ContainsKey(distinguishedName))
                                if (lastLogons[distinguishedName] < lastLogonThisServer)
                                    lastLogons[distinguishedName] = lastLogonThisServer;
                                lastLogons.Add(distinguishedName, lastLogonThisServer);
                            string readableLastLogon = DateTime.FromFileTime(lastLogonThisServer).ToString();
                            Console.WriteLine("User: " + distinguishedName + "Last logon: " +readableLastLogon);


Try the code & if you are stuck somewhere, do let me through the comments. I am working on a WPF C# project for a simple Active Directory Reporter / Asset Management System using WMI. Stay tuned & I will soon post the entire solution here :)





It’s been long time!

April 19, 2016

Hello guys!

I know, there were NOT much to post throughout last few months about Oracle as I am nose down into one of the development platforms that I hardly desired for developing business applications.

For me, it was always Oracle forms and reports. The easiest, the most robust development tools for BUSINESS applications which is supported by the ease of SQL, PL/SQL

I am doing loads of research with C# & SQL database, which will be the main technologies behind our next proposed ERP suite. After spending almost 15 years with Forms and reports, I don’t see Oracle is too keen about modernizing their most loved development tools & the latest release lacks loads of features those would have helped to reclaim the desktop based business applications.

Wondering whether there is still room for desktop applications, especially for businesses? dude! there is, and there will be!


So stay tuned, I will start posting my “findings” about C#, who knows may be some sample applications using Windows forms or WPF & Oracle database in near future!




VB.net | Active Directory | Get last logon for computer/user account

January 15, 2015

Ever wondered how to fetch the last logon details for a domain member computer or user? Using .Net Microsoft has made it pretty easier for the developers to populate the active directory attributes to desired data repositories, however getting the last logon date time value still remains a complex stuff (for beginners like us), especially when your domain consist of multiple domain controllers and they are spread across different geographical areas and subnets :)

After dwelling for long a while, I came across a C# code snippet @ http://www.codeproject.com/Articles/19181/Find-LastLogon-Across-All-Windows-Domain-Controlle that was mostly built against http://www.rlmueller.net/Last%20Logon.htm

I had to copy the codes those were split into multiple blocks for proper explanations, re-arrange and then using the online C# to VB.Net converters, convert to readable VB.Net coding. Again, there were few mismatches and I was able to figure them out through stackoverflow & tech forums posts.

Without going on with what and how I did it, here comes the complete coding. Please note, this is a console application solution, and you should add the references as seen with the below image in order to successfully call the methods and types


Imports System.DirectoryServices
Imports ActiveDs

Module Module1

    ''' &lt;summary&gt;
    ''' You should able to easily convert this console application to windows form application
    ''' with least efforts
    ''' Original code was posted with http://www.codeproject.com/Articles/19181/Find-LastLogon-Across-All-Windows-Domain-Controlle
    ''' using C#, I converted most of the C# Codes using online converter(s)
    ''' and ammended at few places, as the code block provided with the project were not fetching decent results
    ''' Rajesh Thampi / 15-Jan-2015 | w7bugs at gmail dot com | windows7bugs.wordpress.com
    ''' &lt;/summary&gt;
    ''' &lt;remarks&gt;&lt;/remarks&gt;
    Sub Main()
        'Get the root of the directory data tree on a directory server.
        Dim rootDse As New DirectoryEntry(&quot;LDAP://rootDSE&quot;)
        'Dictionary object to hold the records retrived by the search
        Dim lastLogons As Dictionary(Of String, Int64) = New Dictionary(Of String, Int64)
        'Local variable for holding formatted last logon values in datetime format
        Dim llogon As DateTime = Nothing

        'for User last logon
        'Dim TargetUsername As String = &quot;george&quot; ' -&gt; Pass sAMAccountName 
        'Dim objType As Integer = 805306368 '-&gt; 805306368  User | 805306369 Computer

        'for Computer
        Dim TargetUsername As String = &quot;JOSE-KSP$&quot; ' -&gt; Pass sAMAccountName 
        Dim objType As Integer = 805306369 '-&gt; 805306368  User | 805306369 Computer

        'Loop through all available domain controllers
        For Each dsDC As DirectoryServices.ActiveDirectory.DomainController In _
            'Print the individual domain controller name
            'Debug.Write(dsDC.Name &amp; vbCrLf) ' Uncomment for print
            'Get the Entry details for domain controller
            Dim dirEntry As DirectoryEntry = New DirectoryEntry(&quot;LDAP://&quot; + dsDC.Name + &quot;/&quot; + DirectCast(rootDse.Properties(&quot;defaultNamingContext&quot;).Value, String))
            'Define searcher for the objects of interest
            Dim dirObjects As DirectorySearcher = New DirectorySearcher(dirEntry)
            'Define a large integer to hold the COM object translated value
            'ActiveDS COM object is a MUST reference, yet to find another way to deal with highpart, lowpart values obtained from &quot;lastlogon&quot;
            Dim lastLogonThisServer As Int64 = New Int64()
            'Set up the filter for object to be returned through findall method
            dirObjects.Filter = &quot;(&amp;(sAMAccountType=&quot; &amp; objType &amp; &quot;)(sAMAccountName=&quot; &amp; TargetUsername &amp; &quot;))&quot;
            ' Loop through the records found
            For Each objRecords In dirObjects.FindAll()
                'Get the directory entry, this will return all the attributes associated with the object (Computer/User)
                Dim dirObj As DirectoryEntry = objRecords.GetDirectoryEntry()
                If Not dirObj Is Nothing Then
                    ' Get the distinguishedName and lastLogon for each user

                    Dim distinguishedName As String = dirObj.Properties(&quot;distinguishedName&quot;).Value.ToString()


                        If Not dirObj.Properties(&quot;lastLogon&quot;).Value Is Nothing Then
                            Dim lgIntas As ActiveDs.LargeInteger = dirObj.Properties(&quot;lastLogon&quot;).Value
                            Dim lngHigh As Long = lgIntas.HighPart
                            Dim lngLow As Long = lgIntas.LowPart
                            lastLogonThisServer = (lngHigh * (2 ^ 32) - lngLow)

                        End If

                    Catch ex As Exception
                    End Try
                    'Different date time formats you can play around with
                    'Dim format As String = &quot;MMM ddd d HH:mm yyyy&quot;  -&gt; Jan Thu 15 08:11 2015
                    'Dim format As String = &quot;dd/MMM/yyyy HH:mm tt&quot; -&gt; 15/Jan/2015 08:36 AM
                    'Debug.Write(distinguishedName &amp; &quot;;&quot; _
                    '&amp; DateTime.FromFileTime(lastLogonThisServer).ToString(format, Globalization.CultureInfo.InvariantCulture) &amp; vbCrLf)

                    'Save the most recent logon for each user in a Dictionary object
                    'How it works
                    'lastLogons dictionary object has two parts, key and corresponding value
                    'Prior adding a new record, using ContainsKey call we can check the array for existing keys
                    'With this example, the key is &quot;distinguishedName&quot;
                    'If the distinguishedName as key found

                    If lastLogons.ContainsKey(distinguishedName) Then
                        'We compare the latest fetched logon date integer value against the key value of the dictionary object
                        If lastLogons(distinguishedName) &lt; lastLogonThisServer Then
                            'If the existing value is smaller than the new value &quot;lastLogonThisServer&quot; holds
                            lastLogons(distinguishedName) = lastLogonThisServer
                            'We will update the existing key value with recent lastLogonThisServer value
                        End If
                        'We will add a new entry to the dictionary object
                        lastLogons.Add(distinguishedName, lastLogonThisServer)
                    End If
                End If
        'Now we will loop through the dictionary object and fetch the details
        'For a single user/computer the dictionary object will not have more than one entry
        For Each kvp As KeyValuePair(Of String, Int64) In lastLogons
            Dim v1 As String = kvp.Key
            Dim v2 As DateTime = DateTime.FromFileTime(kvp.Value).ToString()
            ' llogon = v2
            Dim format As String = &quot;dd/MMM/yyyy HH:mm tt&quot;
            Debug.Write(&quot;Distinguished Name :&quot; &amp; v1 &amp; &quot;;   Last logged :&quot; &amp; v2.ToString(format) &amp; vbCrLf)


    End Sub

End Module

You may download the solution from https://drive.google.com/file/d/0B-3iVeOMTCbWWFliTGN1NmNxMjQ/view?usp=sharing



A simple asp.net application for listing files and folders within a folder

December 25, 2013

We tease each other calling “Google Programmers” occasionally as we just cut and paste code from forums/websites and meet new business requirements and deadlines.

We started revamping our intranet site recently and was frantically looking at a prospective of converting few .asp driven details using .net application(s)

Our primary requirement was to list the content of a folder, along with subdirectories and files (mostly .pdf and .doc/.docx/.xls/.xlsx)

After loads of googling we came across two potential solutions and they were



The first solution was “too” professional approach for guys like us, who hardly have anything more than few hours of experiences with .net programming

The second solution looked more appropriate as we were looking at something which could be easily altered and adopted to our particular requirement.

Hence we copied the scripts available with the link and started altering them, and with our “extreme” level of exposure to the technology, almost after 72 hours we were able to shape up something which fits into our requirements, somehow and we are sharing the same with you.

We know, it could be done much easier or in a simpler manner, well that part we are leaving for the seasoned .net developers.

First create a .aspx file with name “Default” (eg:Default.aspx) and copy the following code inside the file (Notepad++)

<%@ Page Language="C#" AutoEventWireup="true"  CodeFile="Default.aspx.cs" Inherits="_Default" %>
<!DOCTYPE html>
    <title>Display | Bind Files from Folder to GridView</title>
    <style type="text/css">
        div { font:11px Verdana; width:750px }
        .grid { width:100%; font:inherit; background-color:#FFF; border:solid 1px #525252}
        .grid td { font:inherit; padding:2px; border:solid 1px #C1C1C1; color:#333; text-align:left;
            text-transform: capitalize}
        .grid th { padding:3px; color:#FFF; background:#424242 url(grd.png) repeat-x top; 
            border-left:solid 1px #525252; font:inherit; text-align:center; text-transform:uppercase}
        #drop1 { width:70px; padding:3px }
   <%-- <% 
        Response.Write("<br/> " + HttpContext.Current.Request.Url.Host);
        Response.Write("<br/> " + HttpContext.Current.Request.Url.Authority);
        Response.Write("<br/> " + HttpContext.Current.Request.Url.AbsolutePath);
        Response.Write("<br/> " + HttpContext.Current.Request.ApplicationPath);
        Response.Write("<br/> " + HttpContext.Current.Request.Url.AbsoluteUri);
        Response.Write("<br/> " + HttpContext.Current.Request.Url.PathAndQuery);
    <form id="form1" runat="server">
       <%-- <p> <asp:ListBox id="drop1" rows="3" runat="server">
                <asp:ListItem selected="true">All</asp:ListItem>
            <input type="button" id="btShowFiles" onserverclick="btShowFiles_Click" value="Show Files" runat="server" />

         <asp:GridView ID="GridView2" CssClass="grid" GridLines="None" ShowFooter="true" 
            AllowPaging="true" PageSize="5" AutoGenerateColumns="false" 


                    <asp:TemplateField HeaderText="Folder(s)">
                            <asp:HyperLink runat="server" ID="HyperLink1" Text='<%# Eval("Name") %>' NavigateUrl='<%# HttpContext.Current.Request.Url.AbsoluteUri +"/"+ Eval("Name") %>' />

        <asp:GridView ID="GridView1" CssClass="grid" GridLines="None" ShowFooter="true" 
            AllowPaging="true" PageSize="20" AutoGenerateColumns="false" 
            OnPageIndexChanging="GridView1_PageIndexChanging" runat="server">


                    <asp:TemplateField HeaderText="Name">

                            <%--<asp:Label ID="lblName" runat="server" Text='<%#System.IO.Path.GetFileNameWithoutExtension(Eval("Name").ToString()) %>'></asp:Label>--%>
                             <asp:HyperLink runat="server" ID="HyperLink2" Text='<%# System.IO.Path.GetFileNameWithoutExtension(Eval("Name").ToString()) %>' NavigateUrl='<%# 
                              Request.QueryString["p"] +"/"+ Eval("Name") %>' />

                    <asp:TemplateField HeaderText="File Length">
                    <ItemTemplate><asp:Label ID="lblLen" runat="server" Text='<%#Eval("Length")%>'></asp:Label>
                <asp:TemplateField HeaderText="File Extention">
                    <ItemTemplate><asp:Label ID="lblFileType" runat="server" Text='<%#Eval("Extension")%>'>
                <asp:TemplateField HeaderText="Creation Date & Time">
                    <ItemTemplate><asp:Label ID="lblDateTime" runat="server" Text='<%#Eval("CreationTime")%>'>

        <p><asp:Label Text="" ID="lblMsg" runat="server"></asp:Label></p>

Now create another file “Default.aspx.cs” and copy the below code inside the file

using System;
using System.IO;
using System.Globalization;

public partial class _Default : System.Web.UI.Page 

    protected void btShowFiles_Click(object sender, EventArgs e)
     //   ViewState["FileType"] = drop1.SelectedValue;     // GET THE FILE TYPE.

    protected void GridView1_PageIndexChanging(object sender, 
        System.Web.UI.WebControls.GridViewPageEventArgs e)
        GridView1.PageIndex = e.NewPageIndex;

    protected void GetFilesFromFolder()
        String pathname = Request.QueryString["p"];

        //String pathname;

      //  pathname = Request.QueryString["p"];


        //and in the second page that is a.aspx


        //b= Request.QueryString("val")


        DirectoryInfo objDir = new DirectoryInfo(Server.MapPath(pathname)); 

        //(@"D:\Dell Drivers");

        FileInfo[] listfiles = objDir.GetFiles("*");

        DirectoryInfo[] listDirs = objDir.GetDirectories(".");

        if (listDirs.Length > 0)
            GridView2.Visible = true;
            GridView2.DataSource = listDirs;
            GridView2.Visible = false;

        if (listfiles.Length > 0)
            GridView1.Visible = true;
            GridView1.DataSource = listfiles; 

            lblMsg.Text = listfiles.Length + " files found";    
        else {
            GridView1.Visible = false ;
            lblMsg.Text = "No files found";
    protected void Page_Load(object sender, EventArgs e)

Now move both the files to your web application folder. We were using the default “C:\inetpub\wwwroot” for the testing, hence moved the files to there.

Now you can start calling the application like following


Where memos is an actually folder available within “C:\inetpub\wwwroot” path

If you have folders within the “memos” folder, the application will present you view like following


Based on whether you have subfolders within the “memos” folder the application will either display or hide the Folder(s) grid, the same applies to Files grid as well

The best part is, this application can drill down into any level of nested folders and populate folder and file lists as URLs.

We thank A2S from forums.asp.net for helping us to strip out the extensions from filenames. Please refer to the below link for more details.


Enjoy guys!

After all it is another wonderful Christmas time


for Windows7bugs