Solved

I need help with a script to pull information from AD

Posted on 2012-12-21
3
213 Views
Last Modified: 2012-12-27
I found a script that is suppost to login and logout information.  I need to find login and logout information about a user and the event logs don't go back that far.  I would think that AD would have that information.  Here is the script that I have.  I am useing Server 2008 R2 SP1.  I would like some help to figure this out.  I know that the computer is wrong but, I don't know have to intergrate the user.  I will be using the SAMname.  The information is from a month back.  I am not sure how long AD keeps that information.
 

$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier
 $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}
 $TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}
 $TimeProeprty = @{n="Time";e={$_.TimeGenerated}}
 Get-EventLog System -Source Microsoft-Windows-Winlogon -ComputerName $Computer name goes here | select $UserProperty,$TypeProperty,$TimeProeprty
 

Thanks for your help.
0
Comment
Question by:FAC_IT
3 Comments
 
LVL 6

Expert Comment

by:mo_patel
ID: 38713677
download AD info free Edition it has pre built scripts to do this for u automatically...

saves u time writing your own....

www.cjwdev.co.uk
0
 

Author Comment

by:FAC_IT
ID: 38713742
That looks like a nice product but, I need the login history of a user.
0
 
LVL 17

Accepted Solution

by:
Learnctx earned 500 total points
ID: 38715054
If you haven't documented it with your logon script or have not been scrapping the eventlogs then you won't be able to go back and view the history. I know for us, the event logs on our domain controllers hold logs for around 1-2 minutes before rolling over. We use software to grab the logs and record them into a SQL database. We also have logon and logoff scripts which write back to other databases recording when users are logging on and off.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
In-place Upgrading Dirsync to Azure AD Connect
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question