Powershell script to check the modification date of particualr computer accounts

I want to runa powershell script that chedks the modification date of computer accounts in a a particular ou. Ir xx.local\test OU. I would like this to output to a csv file. Furthermore, If possible I would like to only have the script flagg accoutns that have not been modifes in 48 hours.
ullmannericAsked:
Who is Participating?
 
FDiskWizardCommented:
This will give you a list of computers and last modified (WhenChanged attribute)

get-QADComputer -includedproperties whenchanged -SearchRoot 'my.local/ComputersOU' | select name,whenchanged | sort -descending whenchanged | export-csv -NoTypeInformation C:\MyDocs\computers.csv


0
 
FDiskWizardCommented:
PS: The 2 day timeframe can be done, and I have done something like that before on users, but I don't have time to provide that right now... Sorry.
0
 
ullmannericAuthor Commented:
When I run your script and change the seeting to apply . I keep getting cannot resolve directory object for the given identity.

xx.xxx.com/xx/xxOU
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
ullmannericAuthor Commented:
I fiqured out what was wrong now I will just need to fiqure out the two day thing
0
 
AwinishCommented:
OLDcmp from Joe Richard is the way to go.Download OLDCMP tool from Jo’e site & for cmd/usage see the below in the link.

http://joeware.net/freetools/tools/oldcmp/index.htm
0
 
FDiskWizardCommented:
Yeah, Joe has some good tools. Just be careful.. they could be deadly when modifying accounts.
If modifying do some testing on a small OU, or test OU.

One other note... and it shouldn't matter with LastModified.
But would matter for lastlogon...

If I recall, Joe's tools don't look at multiple DCs. If you just have one site, you may have better results. Lastlogon isn't normally replicated between DCs. So if a user is always logging into a DC in SITE2, Site1 will never see it... except maybe your PDC emulator.
When in full Windows 2003 Native/Functional there is a reg tweak to do replication of last logons.

0
 
FDiskWizardCommented:
Actually, the timeframe thing is easy with GET-QADComputer, it has an option to specify.

Get-QADComputer -service MYDC01 -searchRoot My.local/Computers   -LastChangedBefore 01/11/2011
0
 
AwinishCommented:
If DFL/FFL is at windows 2003 lastlogontimestamp attribute is replicated to all DC.
http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspx

Joe's tool check & compare this value, i have seen where dsquery & other tool gives conflicting report Joe's oldcmp is best.
0
 
FDiskWizardCommented:
An example from Get-ADComputer (activeDirectory module vs Quest...) which shows how to compare Date when there isn't something built-in
$d = [DateTime]::Today.AddDays(-90); Get-ADComputer -Filter 'PasswordLastSet -ge $d' -Properties PasswordLastSet | FT Name,PasswordLastSet

Should work fine with LastChanged attribute also.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.