This PowerShell script retrieves the values of lastLogon and logonCount for every user account on each domain controller (DC) in the domain. The script outputs the latest lastLogon value and the total logonCount over all DCs for each user.

The lastLogon and logonCount attributes are not replicated between domain controllers. Each DC has a different value for each user, reflecting the last time the user authenticated and the number of times the user authenticated on the DC. This PowerShell script retrieves these values for all users on every DC, then for each user outputs the latest lastLogon and the cumulative total logonCount.
The logonCount attribute is a 32-bit integer. The lastLogon attribute is LargeInteger, a 64-bit integer representing a datetime as the number of 100-nanosecond intervals (ticks) since 12:00 am January 1, 1601. The value is in Coordinated Universal Time (or UTC after the French acronym), which used to be called GMT. The script converts the lastLogon 64-bit integer into a friendly datetime value in the time zone of the local client.
The script is coded in PowerShell version 1. Error trapping allows the script to flag any errors on any DC without halting the script. The output is comma delimited and can be redirected to a text file with csv extension. Error messages are not redirected, but appear at the command prompt.
Example output:
DN (NTName),Last Logon,Total Logon Count 
"CN=Jim Smith,OU=West,DC=Domain,DC=com (jsmith)",11/29/2018 17:47:37,56 
"CN=Sally Wilson,OU=West,DC=Domain,DC=com (swilson)",12/12/2018 06:31:09,125 
"CN=Jane Johnson,OU=East,DC=Domain,DC=com (jjohnson)",12/05/2018 11:05:13,43 
"CN=Roger Franks,OU=East,DC=Domain,DC=com (rfranks)",08/28/2018 09:43:51,21 
The format for Last Logon depends on the current culture.

The script follows:

# AllLastLogonAndCount.ps1 
# For each user account found on each domain controller in the domain this 
# PowerShell script retrieves the values of logonCount, and lastLogon. The 
# script retains the latest lastLogon value and the total logonCount for each 
# user over all DCs. 
 
# Author: Richard L. Mueller 
# Version 2.1 - December 202018 
 
# Retrieve information for the current domain. 
$D = [system.directoryservices.activedirectory.Domain]::GetCurrentDomain() 
$Domain = [ADSI]"LDAP://$D" 
 
# Setup the DirectorySearcher object. 
$Searcher = New-Object System.DirectoryServices.DirectorySearcher 
$Searcher.PageSize = 200 
$Searcher.SearchScope = "subtree" 
 
# Filter on all enabled users. 
$Searcher.Filter = "(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))" 
# To find all users, whether enabled or not, use this filter. 
# $Searcher.Filter = "(&(objectCategory=person)(objectClass=user))" 
 
# Specify attribute values to retrieve. 
$Searcher.PropertiesToLoad.Add("distinguishedName") > $Null 
$Searcher.PropertiesToLoad.Add("sAMAccountName") > $Null 
$Searcher.PropertiesToLoad.Add("logonCount") > $Null 
$Searcher.PropertiesToLoad.Add("lastLogon") > $Null 
 
# Hash table of users and lastLogon. 
# Key is user DN, value is latest lastLogon. 
$UserLast = @{} 
 
# Hash table of users and logonCount. 
# Key is user DN, value is cumulative total logonCount. 
$UserCount = @{} 
 
# Query every domain controller in the domain. 
ForEach ($DC In $D.DomainControllers) 
{ 
    # Ping each domain controller. 
    If (ping $DC -n 1 -w 1000 | find "Reply from") 
    { 
        # DC responded. 
        # Trap any error, but do not halt the script. The error message 
        # will not be redirected, but will display at the prompt. 
        Trap {Write-Host "DC $Server - $_" ` 
            -foregroundcolor red -backgroundcolor black; Continue;} 
        $Server = $DC.Name 
        $Results = $Null 
        # Specify the DC and the domain in the Base of the query. 
        $Base = "LDAP://$Server/" + $Domain.distinguishedName 
        $Searcher.SearchRoot = $Base 
        $Results = $Searcher.FindAll() 
        If($Results) 
        { 
            # Enumerate all users found on this DC. 
            ForEach ($Result In $Results) 
            { 
                # Retrieve the values for this user on this DC. 
                $DN = $Result.Properties.Item("distinguishedName") 
                $NTName = $Result.Properties.Item("sAMAccountName") 
                $Key = "$DN ($NTName)" 
                $LogonCount = $Result.Properties.Item("logonCount")[0] 
                If (-Not $LogonCount) {$LogonCount = 0} 
                $LL = $Result.Properties.Item("lastLogon")[0] 
                If (-Not $LL) {$LL = 0} 
                $Last = ([DateTime]$LL).AddYears(1600).ToLocalTime() 
                # Check if user has been seen. 
                If ($UserLast.ContainsKey($Key)) 
                { 
                    # Retain the latest lastLogon value. 
                    If ($Last -gt $UserLast[$Key]) {$UserLast[$Key] = $Last} 
                } 
                Else 
                { 
                    # Add this user to the hash table. 
                    $UserLast.Add($Key, $Last) 
                } 
                # Check if user has been seen.
                If ($UserCount.ContainsKey($Key))
                {
                    # Add logonCount to the total. A value of 0 on this DC
                    # leaves the total unchanged.
                    $UserCount[$Key] = $UserCount[$Key] + $LogonCount
                }
                Else
                {
                    # Add this user to the hash table.
                    $UserCount.Add($Key, $LogonCount)
                }
            } 
        } 
    } 
    Else 
    { 
        Write-Host "DC $DC is not available" -foregroundcolor red -backgroundcolor black
    } 
} 
 
# Output a header line, comma delimited. 
"DN (NTName),Last Logon,Total Logon Count" 
# Enumerate all users found. 
ForEach ($DN In $UserLast.Keys) 
{ 
    $LastLogon = $UserLast[$DN] 
    If ($LastLogon -lt ([DateTime]0).AddYears(1602).ToLocalTime()) 
    { 
        $LastLogon = "Never" 
    } 
    If ($UserCount.ContainsKey($DN)) {$Total = $UserCount[$DN]} 
    Else {$Total = 0} 
    # Output comma delimited. Distinguished names are quoted because they have 
    # embedded commas. 
    """$DN"",$LastLogon,$Total" 
}
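
The merge rule described above (latest lastLogon, summed logonCount) can be exercised without a domain. The following is an added example, not part of Richard Mueller's script: the function name `Merge-LogonData`, the record layout and all sample values are assumptions constructed for illustration, and it needs PowerShell 3.0 or later for `[pscustomobject]`. It converts the 64-bit value with `[DateTime]::FromFileTimeUtc` and prints the round-trip ("o") format, so the result stays in UTC and does not depend on the current culture.

```powershell
# Constructed sample: per-DC values for three users (all values are made up).
# A DC on which the user never authenticated reports 0 or no value at all.
$PerDc = @(
    [pscustomobject]@{ DC = 'DC1'; User = 'jsmith';  LastLogon = 131879872570000000; LogonCount = 40 }
    [pscustomobject]@{ DC = 'DC2'; User = 'jsmith';  LastLogon = 131850000000000000; LogonCount = 16 }
    [pscustomobject]@{ DC = 'DC3'; User = 'jsmith';  LastLogon = 0;                  LogonCount = 0 }
    [pscustomobject]@{ DC = 'DC1'; User = 'swilson'; LastLogon = $null;              LogonCount = $null }
    [pscustomobject]@{ DC = 'DC2'; User = 'swilson'; LastLogon = 131890000000000000; LogonCount = 125 }
    [pscustomobject]@{ DC = 'DC1'; User = 'newhire'; LastLogon = 0;                  LogonCount = 0 }
)

# Hypothetical helper: merges per-DC records into one row per user.
function Merge-LogonData {
    param([object[]]$Records)

    $Merged = @{}
    foreach ($R in $Records) {
        # Treat a missing or zero lastLogon as "never on this DC".
        $Ticks = if ($R.LastLogon) { [long]$R.LastLogon } else { 0L }
        if (-not $Merged.ContainsKey($R.User)) {
            $Merged[$R.User] = @{ Ticks = 0L; Total = 0 }
        }
        $Entry = $Merged[$R.User]
        # Keep the latest lastLogon; add this DC's logonCount ($null casts to 0).
        if ($Ticks -gt $Entry.Ticks) { $Entry.Ticks = $Ticks }
        $Entry.Total += [int]$R.LogonCount
    }

    foreach ($User in ($Merged.Keys | Sort-Object)) {
        $Entry = $Merged[$User]
        # lastLogon counts 100-nanosecond intervals since January 1, 1601 (UTC).
        $Last = if ($Entry.Ticks -gt 0) {
            [DateTime]::FromFileTimeUtc($Entry.Ticks).ToString('o')
        } else {
            'Never'
        }
        [pscustomobject]@{
            User            = $User
            LastLogonUtc    = $Last
            TotalLogonCount = $Entry.Total
        }
    }
}

Merge-LogonData -Records $PerDc | Format-Table -AutoSize
```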