This script was designed to answer the ever duanting question of: "When did a user last logon?" Since the attribute does not replicate to other domain controllers you are required to get the information from all domain controllers connnected to the domain. It uses command line arguments to pass user name and domain to be searched.
Using QAD we pull from every domain controller, then pull the user from every controller and pipe it into sort-object and then select-object to show just the most recent logon.
$user = $args[0]
$domain = $args[1]
$domain = $domain.tolower()
#Suppress Errors for DC's that have computer accounts but not connected to the domain
$ErrorActionPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
$WarningPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
Switch($domain)
{
domain1 {$dom = "my.domain.com"}
domain2 {$dom = "another.domain.int"}
domain3 {$dom = "yet.another.domain.local"}
}
Connect-QADService -service $dom
Get-QADComputer -ComputerRole DomainController -activity "Compiling Domain Controllers in $Domain" | % {
$dc = $_.Name
Get-QADUser -service $dc -samaccountname $User } | sort-object lastLogon -descending | select-object name, lastlogon -first 1
$user = $args[0]
$domain = $args[1]
$domain = $domain.tolower()
#Suppress Errors for DC's that have computer accounts but not connected to the domain
$ErrorActionPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
$WarningPreference = [System.Management.Automation.ActionPreference]::SilentlyContinue
Switch($domain)
{
domain1 {$dom = "my.domain.com"}
domain2 {$dom = "another.domain.int"}
domain3 {$dom = "yet.another.domain.local"}
}
Connect-QADService -service $dom
Get-QADComputer -ComputerRole DomainController -activity "Compiling Domain Controllers in $Domain" | % {
$dc = $_.Name
Get-QADUser -service $dc -samaccountname $User } | sort-object lastLogon -descending | select-object name, lastlogon -first 1