Resolution
Where does Directory and Resource Administrator get the timestamp for the 'Last Bad Password' field?
fact
Directory and Resource Administrator 6.x
fact
Directory and Resource Administrator 7.x
fix
The timestamp displayed in the Last Bad Password field, along with 4 additional properties on the Statistics tab, are retrieved from the domain controller that Directory and Resource Administrator (DRA) binds to.
The following 4 properties are retrieved by Directory and Resource Administrator (DRA) from the domain controller. The following information is replicated by Active Directory to all domain controllers:
- logonCount: Number of logos Authenticated
- badPasswordTime: Last Bad Password
- badPwdCount: Incorrect Password Attempts
- pwdLastSet: Password last changed
The timestamp for the Last logon is held on each domain controller and is gathered by the DRA agents service. Thus, in order to view the Last logon timestamp, the DRA Agent must be installed on all domain controllers.
This issue is resolved in Directory and Resource Administrator (DRA) 7.5 and later. Upgrade to the latest version of DRA to resolve this problem.
note
The timestamp displayed for the BadPasswordTime property is the GMT time of the DC that the user was trying to authenticate to when he incorrectly entered the password. The web console in DRA 7.0 and in 6.6 did not convert the time to the local time of the client machine while the GUI interface does.
In DRA 7.5 the 32-bit GUI and the web console display the time stamp in the same format.