Get Active Directory User Last Logon

This script provides Active Directory administrators the ability to quickly and easily identify the exact last logon date and time for a user account.

4.5 Star
37,175 times
Add to favorites
Active Directory
E-mail Twitter Digg Facebook
  • Wild card?
    1 Posts | Last post December 09, 2016
    • Great!  Can I search by wildcard?  I would like last login for ALL my users.  How can I * the user name?  Or perhaps a script to export the usernames, and pass them into this script?
  • Show username instead of DC
    2 Posts | Last post November 11, 2015
    • When I run the script it returns the DC and not the user name. I have tested with a variety of users who are logged in. Is there a way to return the computer name they logged in to last?
    • AD does not keep track of which client computer any user logs into. If you want to know which computer each user last used, the only solution I know of is a logon script that appends username, computername, and datetime to a shared text log file. This can be done with a simple batch file logon script configured in a Group Policy. If the fields are comma delimited, the log file can be imported into Excel where you can sort any way you wish.
  • Tweak
    3 Posts | Last post October 14, 2015
    • I found that this minor tweak is very helpful for me as I manage three different domain:
      $domain = [System.DirectoryServices.ActiveDirectory.domain]::GetCurrentdomain()
      Nice simple script it has come in handy over the last year or so when we need to determine if we have abandoned AD accounts.
    • I changed it to:
      $domain = Get-ADDomain | select -ExpandProperty NetBIOSName
      and put it in my usual variables below Import-Module ActiveDirectory.  I'm glad to see there's another way to do it.
    • Sorry, I mean:
      $domain = Get-ADDomain | select -ExpandProperty ParentDomain
  • Add for multiple users, multiple properties and export-csv
    1 Posts | Last post October 14, 2015
    • Hi,
      I realize this is over two years old, but I'm having trouble modifying this a bit.
      Obviously I just kick out the $samAccountName and rewrite the Get-ADUser line to get it over to run against everyone, but I also need it to select more properties than just LastLogon and export it to a CSV with the results.  The issue is when I add more properties | select | sort, I get the following error:
      Missing '=' operator after key in hash literal.
      At <PATH OMITTED>\Get_User_Last_Logon_V1.1.ps1:49 char:13
      +         if ( <<<< $RealUserLastLogon -le [DateTime]::FromFileTime($UserLastlogon.LastLogon)) 
          + CategoryInfo          : ParserError: (:) [], ParentContainsErrorRecordException
          + FullyQualifiedErrorId : MissingEqualsInHashLiteral
      Any idea on how to rewrite it to do these things?
  • is there any way to get inactive user account in AD?
    1 Posts | Last post October 19, 2014
    • is there any way to get inactive user account in AD?
  • tweak
    1 Posts | Last post July 23, 2014
    • very minor tweak:
      $domain = $env:USERDNSDOMAIN
  • Narrow DC Parameters
    2 Posts | Last post June 02, 2014
    • From what I see this script looks at all the DC's in the specified domain. Lets say your domain has 100 DC's but the users you are looking for only authenticate to 3 DC's out of 100..... Is there a way to narrow the script to look at only those 3 DC's?
    • Explicitly name the domain controllers that you need to interrogate
      change the line that says
          $domaincontrollers = $myforest.Sites | % { $_.Servers } | Select Name
          $domaincontrollers = @("dc1", "dc2", "dc3")
      ... that should work it for ya
  • change the format hour and date
    1 Posts | Last post March 12, 2014
    • Good day
      I´m from colombia and the format of hour and date presented by the script it me is confused since this one in format mm/dd/aaaa HH:mm and for my system and facility I need that this in dd/mm/aaaa hh:mm that tendria that to modify or to add to achieve this
      Thank you
  • Powershell script in Orchestrator
    2 Posts | Last post February 11, 2014
    • I want to get the lastlogon of user's that didn't log in on the last 90 days. I can use this script in the "Run .net Script" of Orchestrator?
      Can U help me?
    • I believe you can. Just make sure that AD tools and commands features are installed on the Orchestrator Runbook server. Also, you need to request the sAMAccountName through Orchestrator and pass it to the script as a variable.
  • How to find users who login on computers
    2 Posts | Last post February 11, 2014
    • Hi
      I am sorry that I disturb you but I should mention I am not an IT professional. I found your script interesting but I do not how to  write it in power shell and how to use it. Can you explain me the basic rules of using power shell like how I can start entering commands and at the end how I should save it?
      By the way my problem is about find users who login on computers. It is very important for me to find out the users who used a same computer with their domain username and i want to do it through active directory. Also I should mention we use windows server 2008r2.
    • Hi Amir,
      To keep it simple, you need to run the script on a computer that has RSAT installed with AD tools and commands features enabled. You need to copy the script to this computer and then run Powershell. When it opens, browse to the location of the script and then run it from there. The script will ask you for the sAMAccountName of the user to check.
1 - 10 of 24 Items