We're running a windows 2012 server for our AD and Linux ubuntu workstations using SSSD configured using https://help.ubuntu.com/lts/serverguide/sssd-ad.html

Working like a dream and everything is as expected. 

We now have a requirement to disable inactive user accounts after 30 days. I've used a couple of tools like oldcmp and powershell scripts to get userdata out of AD, but there seems to be no lastLogon data for users using SSSD to log into workstations. 

I've used the powershell script at https://technet.microsoft.com/en-us/library/dd378867(v=ws.10).aspx to gather my information. 

Has anybody experiances this, or know how to get around this to see the last time a user used SSSD/AD to log into a Linux workstation ? 

Regards

Henti 
--