none
Script to identify computer lastlogontimestamp and disabled status RRS feed

  • Question

  • Hello,

    I am trying to piece together a script that will perform a few functions.

    First, I need to identify the lastlogontimestamp for all computer accounts over 90 days.  

    From that list I need to add a field that shows if the account is disabled or enabled (a Yes or No to "disabled?" would be perfect).  

    And then from there I need to pipe out the results to a CSV.

    Powershell would be ideal, but open to VBScript as well.

    I have found how perform each function separately, but not how to piece them all together into one script.

    Much thanks in advance!

    Tuesday, August 12, 2014 3:40 PM

Answers

All replies

  • Try this program:

    http://www.joeware.net/freetools/tools/oldcmp/


    -- Bill Stewart [Bill_Stewart]

    Tuesday, August 12, 2014 3:43 PM
    Moderator
  • Thanks for the link, Bill

    That app seems a bit old...written in 2004.  We have 2012 R1/2008 R2 DC's with Win7 workstations.  Plus it looks like it might be for a smaller shop with the app having a default of 10 machine accounts.  I am scanning 9000 computer objects in AD, so I wonder if that utility might not be robust enough for what I am doing.

    Seems like this can be easily done in Powershell, but piecing it together is where I am having issues.

    Any other suggestions?

    Tuesday, August 12, 2014 3:51 PM
  • Hi,

    Post your pieces and the trouble you're having with them.


    EDIT: Also, actually try oldcmp. Don't write it off that fast.


    EDIT2:

    Search-ADAccount -ComputersOnly -AccountInactive -DateTime ([datetime]::Today.AddDays(-90)) |
        Select Name,Enabled,LastLogonDate |
            Sort Name |
                Export-Csv .\inactiveComputers.csv -NoTypeInformation


    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    • Edited by Mike Laughlin Tuesday, August 12, 2014 7:20 PM Updated to use -DateTime instead of -TimeSpan
    • Marked as answer by Thorn Gabriel Tuesday, August 12, 2014 7:26 PM
    Tuesday, August 12, 2014 3:53 PM
  • Modern code:

    Search-ADAccount -AccountInactive  -ComputersOnly


    ¯\_(ツ)_/¯

    Tuesday, August 12, 2014 4:02 PM
  • 90 Day rule:

    Search-ADAccount -AccountInactive  -DateTime ([datetime]::Today.AddDays(-90)) -ComputersOnly


    ¯\_(ツ)_/¯

    Tuesday, August 12, 2014 4:04 PM
  • Thanks for the ideas!  So, I have used the following:

    Search-ADAccount -ComputersOnly -AccountInactive -DateTime ([datetime]::Today.AddDays(-90))  |
        Select Name,Enabled,LastLogonDate |
            Sort Name |
                Export-Csv D:\Inactive_AD_Accounts\Computers\AD_Computers_90_days.csv -NoTypeInformation

    I put this into a new .ps1 file and it ran successfully. 

    I get quite a few accounts that get the appropriate output:

    Comp1 TRUE 1/28/2008 12:46
    Comp2 TRUE 1/6/2008 20:48

    And then I get some that do not have anything in the timestamp field

    An example:

    Comp20 TRUE
    Comp21 TRUE

    Any ideas?

    Thanks!!

    Tuesday, August 12, 2014 7:11 PM
  • Hi,

    All that means is that there's no data to return.


    EDIT: I just re-ran this against my environment and I have several machines that also return no data. These are truly ancient machines for me.

    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    Tuesday, August 12, 2014 7:13 PM
  • Does that mean they are accounts that are valid and being used?  Or perhaps they never logged into the domain?

    My goal is to disable all of the accounts that show up in the report, but without a time stamp I'm not sure what to make of those.

    Thanks


    Tuesday, August 12, 2014 7:21 PM
  • Does that mean they are accounts that are valid and being used?  Or perhaps they never logged into the domain?

    My goal is to disable all of the accounts that show up in the report, but without a time stamp I'm not sure what to make of those.

    Thanks

    Just updated my post to say that I see a few machines with no data as well and that they're extremely old objects.

    Timing.... =]


    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    Tuesday, August 12, 2014 7:23 PM
  • Ha, makes sense.  We have a lot of ancient junk around here, so this will help get rid of it all

    Thanks for the help, Mike!

    Tuesday, August 12, 2014 7:28 PM
  • Cheers, you're very welcome. Glad it all worked out.

    Don't retire TechNet! - (Don't give up yet - 12,950+ strong and growing)

    Tuesday, August 12, 2014 7:30 PM