In large Active Directory environments it is always a challenge for administrators to track down the users which have not logged on for while because they have either left the organization or were initially created twice due to some misunderstanding by Human Resource Department.
This thing impacts licensing cost as well as capacity planning.
In order to get a list of all users with their last log on time stamp, we can use combination of some commands and a script that will export the information in a ".CSV" file for our convenience.
Domain Name: relic.org
Temporary Location on a DC: C:\Scripts
Pre-Built Module Name: "GetADUserLastLogonTime.psm1" (Available Here) Tech Net Gallery Link
Create a new folder on one of your domain controllers on a suitable location.
I have used following example for this purpose
C:\Scripts
Log on to the domain controller and run following command
Get-ADUser -Filter * -SearchBase "DC=relic,DC=org" -ResultPageSize 0 | ft SamAccountName >>c:\Scripts\SamAccountNames.csv
This command will extract a list of user names to the desired destination in ".CSV" format
Open this file and remove blank rows, blank spaces and any rows with dotted line (----) from the list and save changes.
Here is an example of correct and incorrect file data for next steps
A pre-built script is used to perform two actions
(A) Read the list of users we created in step 2
(B) Put the last logon time stamps against each user ID
So first we will import this module into domain controller server using this command
Import-Module C:\Scripts\GetADUserLastLogonTime.psm1
Run the following command to
Get List of Users, Put last logon time stamps against each and Export to another new ".CSV" file which is going to be our final output file
Get-OSCLastLogonTime -CsvFilePath "C:\Scripts\SamAccountNames.csv" >>c:\Scripts\LogOnDetails.csv
The result might look like as shown in screen shot below
Please note that encircled SAM accounts are the one which have never logged on and that is why they are all showing the same unrealistic time stamp.
This thing impacts licensing cost as well as capacity planning.
In order to get a list of all users with their last log on time stamp, we can use combination of some commands and a script that will export the information in a ".CSV" file for our convenience.
Environment:
Domain Name: relic.org
Temporary Location on a DC: C:\Scripts
Pre-Built Module Name: "GetADUserLastLogonTime.psm1" (Available Here) Tech Net Gallery Link
Step 1-
Create a new folder on one of your domain controllers on a suitable location.
I have used following example for this purpose
C:\Scripts
Step 2-
Log on to the domain controller and run following command
Get-ADUser -Filter * -SearchBase "DC=relic,DC=org" -ResultPageSize 0 | ft SamAccountName >>c:\Scripts\SamAccountNames.csv
This command will extract a list of user names to the desired destination in ".CSV" format
Step 3-
Open this file and remove blank rows, blank spaces and any rows with dotted line (----) from the list and save changes.
Here is an example of correct and incorrect file data for next steps
Step 4-
A pre-built script is used to perform two actions
(A) Read the list of users we created in step 2
(B) Put the last logon time stamps against each user ID
So first we will import this module into domain controller server using this command
Import-Module C:\Scripts\GetADUserLastLogonTime.psm1
Step 5-
Run the following command to
Get List of Users, Put last logon time stamps against each and Export to another new ".CSV" file which is going to be our final output file
Get-OSCLastLogonTime -CsvFilePath "C:\Scripts\SamAccountNames.csv" >>c:\Scripts\LogOnDetails.csv
The result might look like as shown in screen shot below
Please note that encircled SAM accounts are the one which have never logged on and that is why they are all showing the same unrealistic time stamp.
