Solved

Help with a powershell script to retrieve lastlogon from all DCs

Posted on 2011-09-03
10
943 Views
Last Modified: 2012-05-12
I have a script that currently queries all of our DCs, for the lastlogon of a user. I have to query all DCs because this field isn't replicated between DCs.
LastLogonTimestamp is replicated, but it doesn't meet our needs, because is usually different from any of the last logons, sometimes by a week.

The commands I use are;

get-QADUser 'username'  -Service dc01 | Select-Object Name,lastlogon
get-QADUser 'username'  -Service dc02 | Select-Object Name,lastlogon
get-QADUser 'username'  -Service dc03 | Select-Object Name,lastlogon
get-QADUser 'username'  -Service dc04 | Select-Object Name,lastlogon
get-QADUser 'username'  -Service dc05 | Select-Object Name,lastlogon

Is there any better way to query the DCs for the same information? also, It would be great if it only returned the most recent from all.

Thanks
0
Comment
Question by:LindyS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
10 Comments
 
LVL 26

Accepted Solution

by:
gtworek earned 500 total points
ID: 36477585
Something like this?
$lastlogon=(get-date).AddYear(-100)
foreach $dc in (Get-QADComputer | where { $_.ComputerRole -eq "DomainController"})
{
 $tempd=(get-QADUser 'username'  -Service $dc | Select-Object Name,lastlogon)
 if ($tempd -gt $lastlogon)
 {
  $lastlogon=$tempd
 }
}

Open in new window


0
 
LVL 26

Expert Comment

by:gtworek
ID: 36477586
Sorry for a typo. The first line should be: $lastlogon=(get-date).AddYears(-100)
0
 
LVL 3

Author Comment

by:LindyS
ID: 36477609
It almost works, but I get the following error for all 5 DCs.


Get-QADUser : Server not exist or could not be contacted: Domain\DC01$
At C:\users\scripts\test.ps1:17 char:21
+  $tempd=(get-QADUser <<<<  'username'  -Service $dc | Select-Object Name,lastlogon)
+ CategoryInfo          : NotSpecified: (:) [Get-QADUser], ServerNotOperationalException
+ FullyQualifiedErrorId : Quest.ActiveRoles.ArsPowerShellSnapIn.DirectoryAccess.ServerNotOperationalException,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlets.GetUserCmdlet
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 3

Author Comment

by:LindyS
ID: 36477658
Working with what gtworek provided, I have come up with;
$dcs = Get-Content "C:\temp\serverlist.txt"
 foreach($dc in $dcs){ get-QADUser 'username'  -Service $dc | Select-Object Name,lastlogon}

It was taking way too long to query all of the computers looking for domain controllers. By putting them in a text file it sped the query qlot.

Any ideas on how to return only the most recent lastlogon?
0
 
LVL 16

Expert Comment

by:Dale Harris
ID: 36477777
You'd be better of getting the "LastLogonTimestamp" and just using the info from one DC provided you didn't need them any more recent than 9-14 days.  Here's why:
http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspx

I would verify that they are old/stale users, but for the most part that should fix it.

Here's some code I found from a Quest scripting guy:

# calculate a deadline date. (now minus 60 days)
$deadline = (Get-Date).AddDays(-60).ToFileTimeUtc()

#construct a ldap query
$ldapQuery = '(|(!(lastLogonTimeStamp=*))(lastLogonTimeStamp<=' + $deadline + '))'

#run this query
Get-QADUser -Enabled -SizeLimit 0 -LdapFilter $ldapQuery

#Script from:http://powergui.org/thread.jspa?threadID=8218

HTH,

Dale Harris
0
 
LVL 3

Author Comment

by:LindyS
ID: 36495298
I've requested that this question be deleted for the following reason:

It turns out that the reason I wanted this script is not going to work for me.
0
 
LVL 26

Expert Comment

by:gtworek
ID: 36495299
Does it crash with error? Or provides wrong results? Or gives you useless information?
Please give us more information why it is not what you expected.
0
 
LVL 3

Author Comment

by:LindyS
ID: 36495365
No, It works, but I was trying to get to where I could disable bulk users after I ran this to get the inactive ones.
It turns out that I cannot modify users with a script in our organization, so I've been wasting my time trying to get to a solution.

Thanks for the help anyway.
0
 
LVL 3

Author Closing Comment

by:LindyS
ID: 36508609
Thanks for the help.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A quick Powershell script I wrote to find old program installations and check versions of a specific file across the network.
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question