Directory and Resource Administrator 6.x
Directory and Resource Administrator 7.x
Enterprise Administrator 5.00.02
Last logon information is not accurate when a user logs in using a RAS session.
The cause of this issue is that Windows does not generate a timestamp on a Domain Controller when the user logs in using a RAS session.
This is by design. Directory and Resource Administrator (DRA) can only gather logon statistics for user accounts that are actually recorded on the domain controller.
The issue is due to Microsoft not generating a timestamp on a domain Controller when a user logs on during a RAS session or Dial up Session. In this situation, no timestamp is generated on a DC , therefore neither Enterprise Administrator or DRA has anything to gather on the DC to report on.
For example, assume you are using VPN sessions and Windows 98 clients to connect to the domain. When a user logs on through a VPN session, using the Win98 clients, a last logon timestamp is not generated on a DC. VPN connections with a 98 client are similar to RAS into a server. The VPN simply authenticates the account and the user never truly logs on to the domain. Hence, a timestamp is never created on a DC.
A typical troubleshooting technique is to use the Usrstat utility with the NT Resource Kit. This utility displays logon stats per DC. Have the user log in with the VPN session and 98 clients, or via the dial-up, and check to see if a timestamp is generated on a DC for that user.