Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Powershell / Quest cmdlets script that would get the lastlogon for all users in the domain

Posted on 2013-11-15
6
Medium Priority
?
1,022 Views
Last Modified: 2013-11-26
Powershell / Quest cmdlets script that would get the lastlogon for all users in the domain.

This is what I have, but the lastlogon is incorrect because it does not query all of the Domain Controllers.  I would like someone to help me achieve this please.

get-qaduser –sizelimit 0 -IncludeAllProperties | select samaccountname,displayname,accountisdisabled,lastlogon,dn,parentcontainerdn,homemdb,msexchhomeservername | export-csv c:\UserStats_Report.csv -notype
0
Comment
Question by:mjm21
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 39651549
0
 
LVL 40

Expert Comment

by:Subsun
ID: 39651702
And if you want to use Quest commands then try..

$domain = "Domain.com" 
$myForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest() 
$domaincontrollers = $myforest.Sites | % { $_.Servers } | Select Name 

Get-QADUser -SizeLimit 0 -dudip -Ip samaccountname,displayname,accountisdisabled,lastlogon,dn,parentcontainerdn,homemdb,msexchhomeservername | % {

$User = $_

$RealUserLastLogon = $null 
$domainsuffix = "*."+$domain 

foreach ($DomainController in $DomainControllers)  
{ 
    if ($DomainController.Name -like $domainsuffix ) 
    { 	Connect-QADService $DomainController.Name | Out-Null
        $UserLastlogon = (Get-QADUser $User.samaccountname -dudip -Ip lastlogon).lastlogon
        if ($RealUserLastLogon -le $UserLastlogon) 
        { 
            $RealUserLastLogon = $UserLastlogon
        }
    } 
}
	New-Object PSObject -Property @{
	samaccountname = $User.samaccountname
	displayname = $User.displayname
	accountisdisabled = $User.accountisdisabled
	lastlogon = $RealUserLastLogon
	dn = $User.dn
	parentcontainerdn = $User.parentcontainerdn
	homemdb = $User.homemdb
	msexchhomeservername = $User.msexchhomeservername
	}
} | select samaccountname,displayname,accountisdisabled,lastlogon,dn,parentcontainerdn,homemdb,msexchhomeservername
| Export-Csv C:\report.csv -nti

Open in new window

0
 

Author Comment

by:mjm21
ID: 39651809
Ok - this will check all domain controllers?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:mjm21
ID: 39651822
Run and get this error:  

An empty pipe element is not allowed.
At line:34 char:1
0
 

Author Comment

by:mjm21
ID: 39651894
Ok - it is working now.
0
 
LVL 40

Accepted Solution

by:
Subsun earned 2000 total points
ID: 39651990
There is a type.. You need to change the last lines to
} | select samaccountname,displayname,accountisdisabled,lastlogon,dn,parentcontainerdn,homemdb,msexchhomeservername |
Export-Csv C:\report.csv -nti

Open in new window

0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question