Solved

I need help with a script to pull information from AD

Posted on 2012-12-21
3
206 Views
Last Modified: 2012-12-27
I found a script that is suppost to login and logout information.  I need to find login and logout information about a user and the event logs don't go back that far.  I would think that AD would have that information.  Here is the script that I have.  I am useing Server 2008 R2 SP1.  I would like some help to figure this out.  I know that the computer is wrong but, I don't know have to intergrate the user.  I will be using the SAMname.  The information is from a month back.  I am not sure how long AD keeps that information.
 

$UserProperty = @{n="User";e={(New-Object System.Security.Principal.SecurityIdentifier
 $_.ReplacementStrings[1]).Translate([System.Security.Principal.NTAccount])}}
 $TypeProperty = @{n="Action";e={if($_.EventID -eq 7001) {"Logon"} else {"Logoff"}}}
 $TimeProeprty = @{n="Time";e={$_.TimeGenerated}}
 Get-EventLog System -Source Microsoft-Windows-Winlogon -ComputerName $Computer name goes here | select $UserProperty,$TypeProperty,$TimeProeprty
 

Thanks for your help.
0
Comment
Question by:FAC_IT
3 Comments
 
LVL 6

Expert Comment

by:mo_patel
ID: 38713677
download AD info free Edition it has pre built scripts to do this for u automatically...

saves u time writing your own....

www.cjwdev.co.uk
0
 

Author Comment

by:FAC_IT
ID: 38713742
That looks like a nice product but, I need the login history of a user.
0
 
LVL 16

Accepted Solution

by:
Learnctx earned 500 total points
ID: 38715054
If you haven't documented it with your logon script or have not been scrapping the eventlogs then you won't be able to go back and view the history. I know for us, the event logs on our domain controllers hold logs for around 1-2 minutes before rolling over. We use software to grab the logs and record them into a SQL database. We also have logon and logoff scripts which write back to other databases recording when users are logging on and off.
0

Join & Write a Comment

In this previous article (https://oddytee.wordpress.com/2016/05/05/provision-new-office-365-user-and-mailbox-from-exchange-hybrid-via-powershell/), we made basic license assignments to users in O365. When I say basic, the method is the simplest way …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now