When a virtual workstation was last logged on?


How can I find out when a virtual workstation was last used / logged onto ?  
...preferably not trawling though event logs.

I want to confirm all the virtual pc's in our fleet are being regularly used, preferably a script that reads a text file - vb or powershell would be good.

Who is Participating?
I've attached a .vbs script that we use to do precisely this.
It records user logon times/machine usage in a users Description field so you can then view this easily from AD Users & Computers.
Run it through group policy.
'This script should be set as a USER login script in an Active Directory GPO. It will populate 
'the 'Description' field in the AD 'Users and Computers' console for both the Computer and
'the User objects with the username of whomever logged in, the name of the PC they logged 
'into, the time they logged into it and which domain controller that they authenticated with.

On Error Resume Next


Dim strDisplayMessage
Dim objSysInfo, objUser, objComputer

Set objSysInfo = CreateObject("ADSystemInfo")

Set objUser = GetObject("LDAP://" & objSysInfo.UserName)
Set objComputer = GetObject("LDAP://" & objSysInfo.ComputerName)
Set objDomain = GetObject("LDAP://rootDse")

objAuthDC = objDomain.Get("dnsHostName")

strDisplayMessage = objUser.CN & " last logged on to " & objComputer.CN & " - " & Now & " - " & objAuthDC & "."

objUser.Description = strDisplayMessage

objComputer.Description = strDisplayMessage


Open in new window

That method is probably fine for a small network, however, I would hesitate using it if you have a large or geographically disperse environment, just purely because it will generate a whole heap of extra information that will replicated between your DC's.

I would suggest that you use a simple logon script that records the username, date and time to a log file on the computer or to a central repository.

For example:




Maybe in an extremely large domain the amount of traffic replicated would be signficant
We have 1500 odd users in 7 different states and there was no noticeable increase in replication traffic after implementing this script.

I find the advantage to doing it this way is all the information is visible in AD next to all the other information instead of having to go searching through a txt file. You can visually see if a user hasn't logged on and delete them without having to go back and forth from a log file to AD Users & Computers.

The only real drawback is if you already use the Decription field for something else.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.