Applies To:
GroupID 8.x - Automate
Business Scenario:
This article explains how we can create a group and filter users based on their last logon time using the lastLogonTimestamp attribute.
We have three scenarios here; the first two are pretty simple.
- Scenario 1 - Filter all users who logged on at any time
- Scenario 2 - Filter users who never logged on
- Scenario 3 - Filter all users who did not log on during the last x number of days
Scenario 1 - Filter all users who logged on at any time
Use any of the following queries on the Query Designer:
lastLogonTimestamp IS Present (&(&(objectCategory=person)(objectClass=user))(lastLogonTimestamp=*)) |
Or
lastLogonTimestamp IS GreaterThan 0 (&(&(objectCategory=person)(objectClass=user))(lastLogonTimestamp>=0)) |
Scenario 2 - Filter users who never logged on
Use the following query on the Query Designer:
lastLogonTimestamp IS NOT Present (&(&(objectCategory=person)(objectClass=user))(!lastLogonTimestamp=*)) |
Scenario 3 - Filter all users who did not log on during the last x number of days
Now, this is challenging and interesting for two reasons; firstly we need a comparison with the current date. Secondly, the lastLogonTimestamp attribute is a long Integer and we need to perform the conversion in order to compare. (Click here to perform the conversion).
It's challenging but not impossible for GroupID Automate. Let's do it by following the steps below:
Steps:
- In GroupID Management Console, select Automate > right-click All Groups > New > Smart Group.
- Go through the pages of the New Smart Group wizard until you reach the Query Options page.
- Click Modify to launch the Query Designer dialog box.
- On the Identity Store tab, apply the query as below (note that I am also including users who never logged on; if you do not want never logged on users, just use the first criterion):
- Click OK to close the Query Designer and continue with the wizard.
- On the Update Options page, select the Update Later and Choose Later option buttons.
- Complete the wizard to create the Smart Group.
- Now right-click this new Smart Group and select Modify Query on the shortcut menu.
- On the Smart Script tab of the Query Designer, click the Edit Script button.
- In the Script Editor, scroll down to 'Sub ATM_BuildQuery' and add the following script. The script will look for objects that have not logged on in the last 30 and more days; you can change the number of days by changing ‘-30’ (shown in red).
dim path As String = "C:\LogUpdating.txt"
Using bw As StreamWriter = File.CreateText(path)
bw.writeline("Entering Membership Updating")
Dim OtherDate as string
OtherDate = DateAdd(DateInterval.DayOfYear,-30,DateTime.Now).ToFileTimeUtc
bw.writeline(OtherDate)
args.criteria = string.Format(args.criteria, OtherDate)
End Using -
Click Build > Compile Script on the menu.
- Click File > Exit; then click Yes to save the changes.
- Click OK to close the Query Designer.
- Right-click the group and select Update on the shortcut menu to verify the results.
Known Issue: When we apply a script, the results cannot be previewed using the Query Designer's Preview button.
References:
- GroupID Online Help topic: Query Designer dialog box
- Convert Long Integer to Date
Comments
0 comments
Please sign in to leave a comment.