Using Active Directory last logon to get list of expired users
2. Select the Default Report and click on Load Report to load the report.
3. Click Continue to display the report
4. Click on the Filters toolbar button
6. Click the Expression field and select Prior to x minutes ago
7. In the Value field type 63360 (see below to see how this value was calculated)
9. Click Apply and Run to the view the results
10. You can now Export the results to HTML or CSV through the Export button
How the minutes were calculated:
There are 60 x 24 minutes in a day = 1440
Multiply by 30 days = 43200
Add another 14 days due to the frequency at which the lastLogonTimeStamp is updated = 63360
Since a user could have potentially logged in within the 14 day period after the last time stamp, we need need to add 14 days to make sure we dont include them. The lastLogonTimeStamp attribute is only accurate to within 14 days by design (to prevent heavy replication traffic) so you may want to experiment with this value.