<mutter; darn touch pads> In the last email I was describing using auditing on the Exchange servers and cross-referencing the information. You may, depending on your organization, be able to use the last time they log into the network period. There're are several scripts available on the 'net to give that type of information. Tools that would be helpful here would be things like MOM and NetIQ AppAnalyzer. I think AppAnalyzer would be better for this type of report, but I haven't been able to afford to find out so far. Al -----Original Message----- From: Stelley, Douglas [mailto:dstelley@xxxxxxx] Sent: Wednesday, October 15, 2003 10:03 AM To: [ExchangeList] Subject: [exchangelist] Exchange tool AD: Get Thawte's New Step-by-Step SSL Guide for MSIIS: http://www.msexchange.org/thawte/ I've been tasked to provide a report that show when users last opened their mailbox. In ESM, I can go to mailboxes and there is a column "Last Logon Time". This is no good, as each mailbox is touched by "NT AUTHORITY\SYSTEM" too often to be of any use. I need to know when the user got in, not the system. Does anyone know of, or use any such tool? On a similar note, besides the Mailbox Manager, is there any other process that would be using "NT AUTHORITY\SYSTEM" to touch a mailbox? If I stopped, or only ran the management process, say once a month, could I then use the "Last Logon Time" in mailboxes for this report? p.s. the boss wants to know who doesn't yet use the email they've so generously provided..... Doug Stelley Network Administrator Olean General Hospital Get Thawte's New Step-by-Step SSL Guide for MSIIS Find out how to test, purchase, and install a Thawte Digital Certificate on your MSIIS web server: http://www.msexchange.org/thawte/ ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: al.mulnick@xxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you.