IT Support Providers can use Quest (CU's Active Directory tool) to query CU's LDAP for email forwarding and date/ time someone's password was change (by them, or scrambled by IT Security).

Email forwarding

Password change

  1. In Quest, look up an AD at the TOP (cornell.edu) level.
  2. Right-click NetID and select Advanced Properties
  3. At bottom, left, select both "Show all possible attributes" AND "Include attributes with empty values".
  4. Look for property "pwdLastSet"
  5. Date value is given in Integer8 format (such as 131098052949416065), so must use a converter. Such as:
    • https://www.epochconverter.com/ldap

    • In Windows (command line) use: w32tm.exe /ntte

      • Example: w32tm.exe /ntte 131098052949416065

        • Result given: Epoch/Unix time: 1465331695
          GMT: Tue, 07 Jun 2016 20:34:55 GMT
          Your time zone: 6/7/2016, 4:34:55 PM

Keywords:

Interger8 (sic), interger (sic), integer

 

Sub-pages

Directory look-up tips from CIT

Other useful attributes: cornelleduactivateddt and cornelledumailroutingtime

  • No labels