We noticed that in Active Directory configured at Windows Server 2019 reset password is changing lastLogonTimestamp. Is it correct behavior?
Interactive, Network, and Service logons will update the lastLogontimeStamp . So if a user logs on interactively, browses a network share, access the email server, runs an LDAP query etc… the lastLogontimeStamp attribute will updated if the right condition is met.
The lastLogontimeStamp attribute is not updated every time a user or computer logs on to the domain. The decision to update the value is based on the current date minus the value of the ( ms-DS-Logon-Time-Sync-Interval attribute minus a random percentage of 5).
For more information , you can refer to the following link:
When you reset the password through the ADUC, It will not effect the lastLogonTimestamp attribute .
The Lastlogon attribute will change immediately, but not the lastLogonTimestamp attribute.
6 people are following this question.