This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Lansweeper Community
- Forums
- Reports & Analytics
- Additional User Reports
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-27-2016 07:26 PM
I noticed that there is a lack of reports for Users. I would like to generate reports for:
These user reports are all very useful for network security and IT auditing purposes. So would appreciate your help in being able to create these reports. Thanks.
- Inactive users: similar to how there are reports for computers not seen in the last x-days. This is extremely helpful for maintaining a clutter-free AD.
- Newly created users: similar to reports for new computers found in the last x-days.
- Recently deleted users.
- Users who are members of the "Administrators" group (local machine).
These user reports are all very useful for network security and IT auditing purposes. So would appreciate your help in being able to create these reports. Thanks.
Solved! Go to Solution.
Labels:
- Labels:
-
Report Center
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-30-2016 07:25 PM
CBG-NK wrote:
Inactive users: similar to how there are reports for computers not seen in the last x-days. This is extremely helpful for maintaining a clutter-free AD.
You could build a report based on the tblCPlogoninfo database table to list users for which no recent logon events have been detected. (A logon event is added to the database when a user is logged into a computer during a computer scan.) I've posted a sample report below that lists AD users for which no logon events have been detected or whose last logon event is from more than
Select Top 1000000 tblADusers.Username,
tblADusers.Userdomain,
Max(tblCPlogoninfo.logontime) As LastLogon
From tblADusers
Left Join tblCPlogoninfo On tblCPlogoninfo.Domain = tblADusers.Userdomain And
tblCPlogoninfo.Username = tblADusers.Username
Group By tblADusers.Username,
tblADusers.Userdomain
Having (Max(tblCPlogoninfo.logontime) Is Null) Or
(Max(tblCPlogoninfo.logontime) = '') Or
(Max(tblCPlogoninfo.logontime) < GetDate() -30 )
Order By tblADusers.Userdomain,
tblADusers.Username
CBG-NK wrote:
Newly created users: similar to reports for new computers found in the last x-days.
The sample report below lists AD users created in the last
Select Top 1000000 tblADusers.Username,
tblADusers.Userdomain,
tblADusers.Firstname,
tblADusers.Lastname,
tblADusers.Name,
tblADusers.Displayname,
tblADusers.whenCreated
From tblADusers
Where tblADusers.whenCreated > GetDate() -7
Order By tblADusers.Userdomain,
tblADusers.Username
CBG-NK wrote:
Recently deleted users.
If you mean deleted from Active Directory: this is not information we currently store in the database, but I've added the feature to the wish list. You can have users that are deleted or disabled in Active Directory removed from your Lansweeper database though, with the database cleanup options found under Configuration\Server Options.
CBG-NK wrote:
Users who are members of the "Administrators" group (local machine).
There is a built-in report in the Reports tab for this, called "Computer: Unauthorized Administrators". More information on how this report works can be found here.
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-01-2016 02:47 PM
Oh and might as well add AD deleted computer accounts to the wishlist as well! 😄
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-01-2016 05:05 PM
CBG-NK wrote:
Oh and might as well add AD deleted computer accounts to the wishlist as well! 😄
I've added this to the wish list as well. Thank you for your feedback!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎02-01-2016 02:44 PM
Thanks a bunch Susan! They worked like a charm.
I really appreciate adding the AD deleted users to the wishlist, because knowing when and which users were deleted, and who deleted them, can greatly assist in saving time during IT auditing and investigations.
I really appreciate adding the AD deleted users to the wishlist, because knowing when and which users were deleted, and who deleted them, can greatly assist in saving time during IT auditing and investigations.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎01-30-2016 07:25 PM
CBG-NK wrote:
Inactive users: similar to how there are reports for computers not seen in the last x-days. This is extremely helpful for maintaining a clutter-free AD.
You could build a report based on the tblCPlogoninfo database table to list users for which no recent logon events have been detected. (A logon event is added to the database when a user is logged into a computer during a computer scan.) I've posted a sample report below that lists AD users for which no logon events have been detected or whose last logon event is from more than
Select Top 1000000 tblADusers.Username,
tblADusers.Userdomain,
Max(tblCPlogoninfo.logontime) As LastLogon
From tblADusers
Left Join tblCPlogoninfo On tblCPlogoninfo.Domain = tblADusers.Userdomain And
tblCPlogoninfo.Username = tblADusers.Username
Group By tblADusers.Username,
tblADusers.Userdomain
Having (Max(tblCPlogoninfo.logontime) Is Null) Or
(Max(tblCPlogoninfo.logontime) = '') Or
(Max(tblCPlogoninfo.logontime) < GetDate() -30 )
Order By tblADusers.Userdomain,
tblADusers.Username
CBG-NK wrote:
Newly created users: similar to reports for new computers found in the last x-days.
The sample report below lists AD users created in the last
Select Top 1000000 tblADusers.Username,
tblADusers.Userdomain,
tblADusers.Firstname,
tblADusers.Lastname,
tblADusers.Name,
tblADusers.Displayname,
tblADusers.whenCreated
From tblADusers
Where tblADusers.whenCreated > GetDate() -7
Order By tblADusers.Userdomain,
tblADusers.Username
CBG-NK wrote:
Recently deleted users.
If you mean deleted from Active Directory: this is not information we currently store in the database, but I've added the feature to the wish list. You can have users that are deleted or disabled in Active Directory removed from your Lansweeper database though, with the database cleanup options found under Configuration\Server Options.
CBG-NK wrote:
Users who are members of the "Administrators" group (local machine).
There is a built-in report in the Reports tab for this, called "Computer: Unauthorized Administrators". More information on how this report works can be found here.
New to Lansweeper?
Try Lansweeper For Free
Experience Lansweeper with your own data. Sign up now for a 14-day free trial.
Try Now
Related Content
- Report Request: All assets with Chrome version under 90, and additional parameter in Reports & Analytics
- Looking for a report for Local users created in AWS in Reports & Analytics
- AWS IAM Keys and Users Report in Reports & Analytics
- Lansweeper agent can't close helpdesk tickets or enter notes in General Discussions
- Lansweeper Cloud View Data Account Role in General Discussions
