Regularly reviewing information about every user’s last logon date in Active Directory can help you detect and remove vulnerabilities across your organization’s IT infrastructure. Each time a user logs on, the value of the Last-Logon-Timestamp attribute is fixed by the domain controller. With the last login date at hand, IT admins can readily identify inactive accounts and then disable them, thereby minimizing the risk of unauthorized attempts to log into the organization’s IT systems. Regularly auditing users’ last login dates in Active Directory is an efficient way to detect inactive accounts and prevent them from turning into bait for attackers.
Netwrix Auditor for Active Directory enables IT pros to get detailed information about all activity in Active Directory, including the last logon time for every Active Directory user account. The solution includes comprehensive pre-built reports that streamline logon monitoring and help IT pros track the last time that users logged into the system. In particular, The User Accounts - Last Logon Time report lists all user accounts — both enabled and disabled — with the path and last logon time for each account. This report helps IT pros spot inactive accounts that are potential security holes because they could be used as backdoor accounts by attackers. The report subscription function enables IT admins have the report delivered by email automatically on the schedule they specify, facilitating regular review in accordance with best practices and enabling them to eliminate system vulnerabilities more efficiently.