Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

I need help with a script to pull information from AD

Posted on 2012-12-21
3
Medium Priority
?
220 Views
Last Modified: 2012-12-27
I found a script that is suppost to login and logout information.  I need to find login and logout information about a user and the event logs don't go back that far.  I would think that AD would have that information.  Here is the script that I have.  I am useing Server 2008 R2 SP1.  I would like some help to figure this out.  I know that the computer is wrong but, I don't know have to intergrate the user.  I will be using the SAMname.  The information is from a month back.  I am not sure how long AD keeps that information.
 

$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier
 $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}
 $TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}
 $TimeProeprty = @{n="Time";e={$_.TimeGenerated}}
 Get-EventLog System -Source Microsoft-Windows-Winlogon -ComputerName $Computer name goes here | select $UserProperty,$TypeProperty,$TimeProeprty
 

Thanks for your help.
0
Comment
Question by:FAC_IT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 6

Expert Comment

by:mo_patel
ID: 38713677
download AD info free Edition it has pre built scripts to do this for u automatically...

saves u time writing your own....

www.cjwdev.co.uk
0
 

Author Comment

by:FAC_IT
ID: 38713742
That looks like a nice product but, I need the login history of a user.
0
 
LVL 17

Accepted Solution

by:
Learnctx earned 1500 total points
ID: 38715054
If you haven't documented it with your logon script or have not been scrapping the eventlogs then you won't be able to go back and view the history. I know for us, the event logs on our domain controllers hold logs for around 1-2 minutes before rolling over. We use software to grab the logs and record them into a SQL database. We also have logon and logoff scripts which write back to other databases recording when users are logging on and off.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question