cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

LastBadPasswordAttempt, BadLogonCount and logonCount

LastBadPasswordAttempt, BadLogonCount and logonCount

it would be nice to have a report over the AD attributs LastBadPasswordAttempt, BadLogonCount and logonCount.

LastBadPasswordAttempt is the timestamp which says when the last wrong password attempt is made.

BadLogonCount is the amount of bad logons.

logonCount is the amount of all good logons.

Tags (4)
4 Comments
Level 11

The actual properties are badpasswordtime, badpwdcount and logonCount.

Add them to PropertiesToLoad in the pnServer.config and use the Analyze&Act scenario "All users". You can then display the attributes:

2019-05-07 16_32_06-8MAN Sales VM (192.168.16.1) - Remote Desktop Connection Manager v2.7.png

The only "problem" is badpasswordtime because the actual value (ticks) will be displayed instead of a date-time-value.

Level 8

On this website you can calculate the "true" BadPasswordTime based on the 18-digit-value shown in the above screenshot: https://www.epochconverter.com/ldap

e.g.: "132018729465778543" turns out to be "Donnerstag, 9. Mai 2019 12:55:46 GMT+02:00" (in Germany).

Product Manager
Product Manager

Björn is correct - for more details on how to scan and load additional properties into ARM please refer to the 'Administrator Guide' page 79-83 or at Load additional LDAP Attributes.

The Problem that ticks are displayed instead of the correct date-time value is corrected in 2019.4.1 that hast just been released.

Community Manager
Community Manager
Status changed to: Implemented