How to obtain what PC's are 'live' on AD (i.e. has logged on since 45 days)?

hi guys,

I have a call in around one hours time and needed to provide information as to what computer accounts are 'live' or have logged onto the network over the last 45 days? Is there anything I can do to speed the process up?

I have an actual list of ALL of the PC's. There's around 800 entries!

Thanks
Yashy
LVL 1
YashyAsked:
Who is Participating?
 
becraigConnect With a Mentor Commented:
The script takes a list just like what you described - with no need for a header column.

Get-adcomputer is not looking for anything in the file let me tell you what the script does.:

#imports the AD module so we can query information in the AD
import-module activedirectory
#Sets the time we use for calling a server inactive (45 days)
$time = (Get-Date).Adddays(-45)
#this reads your text file (line by line) path is important here so I changed to c:\temp
gc c:\temp\serverlist.txt | % {
#Queries the AD $_ represent the server from the txt file then gets that server attributes
Get-ADComputer -Identity $_ -Properties LastlogonTimeStamp | select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | where {[DateTime]::FromFileTime($_.lastLogonTimestamp) -gt $time} 
} | export-csv c:\temp\OLD_Computer.csv -notypeinformation

Open in new window

0
 
Justin YeungConnect With a Mentor Senior Systems EngineerCommented:
This will obtain all AD computer object in your domain.
However Lastlogon on stamp on DC which doesn't replicate, you might have to run it against each domain controller for the comparison by add -Server yourdcname are -Filter *

Get-ADComputer -Filter * -Properties lastlogon,lastlogontimestamp,OperatingSystem | Select-Object Name,@{Name="LastLogonTimestamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}},@{Name="Lastlgon"; Expression={[DateTime]::FromFileTime($_.lastlogon)}},OperatingSystem,Enabled | Sort-Object Operatingsystem,Lastlogon

Open in new window

0
 
becraigCommented:
import-module activedirectory  
$domain = "domain.mydom.com"  
$DaysInactive =  45  
$time = (Get-Date).Adddays(-($DaysInactive)) 
  
# Get all AD computers with lastLogonTimestamp less than our time 
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties LastLogonTimeStamp | 
  
# Output hostname and lastLogonTimestamp into CSV 
select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | export-csv OLD_Computer.csv -notypeinformation

Open in new window

                                           

Update the domain values
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
Justin YeungSenior Systems EngineerCommented:
I meant "-Server yourdcname are -Filter *"

-Server yourdcname after -Filter *
0
 
YashyAuthor Commented:
Thanks so much man.

Should I save this file as a .VBS? Also, will this save this file onto the local C drive?

And then change the values for where it says domain = "domain.mydom.com", should I change the value within the quotes to the domains I want..yes?

thanks again
0
 
Justin YeungSenior Systems EngineerCommented:
These are powershell, you can save it as .ps1 and run the script in your Active Directory Powershell console.

you might have to run
 Set-ExecutionPolicy RemoteSigned

before running the script.
0
 
YashyAuthor Commented:
i ran ".\ADlist.ps1" (name of file) from the C drive location on the prompt but nothing happened.

Where does it export the data onto?
0
 
becraigCommented:
I just realized you had a list of computers
This one will actually do what you asked in your question.

File will be saved in c:\OLD_Computer.csv


import-module activedirectory
$DaysInactive =  45  
$time = (Get-Date).Adddays(-($DaysInactive))
gc .\serverlist.txt | % {
Get-ADComputer -Identity $_ -Properties LastlogonTimeStamp | select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | where {[DateTime]::FromFileTime($_.lastLogonTimestamp) -gt $time} 
} | export-csv c:\OLD_Computer.csv -notypeinformation

Open in new window

0
 
Justin YeungSenior Systems EngineerCommented:
I believe you are running becraig's script and he does have an Export-CSV at the end of the script.

you might want to change the path to a path that you can get the file.

e.g c:\users\yourprofile\desktop\old_computer.csv
0
 
pgm554Connect With a Mentor Commented:
0
 
YashyAuthor Commented:
Hey Justin,

Yes, that's right.

However, when I run this nothing appears on the C drive.

I ran the Set-ExecutionPolicy RemoteSigned and then followed it with ".\ADlist.ps1" from the C:\ prompt on the powershell.
0
 
becraigCommented:
Did you run the last version I provided  ?

I updated to work with a serverlist since you indicated you have a list of computers.

Change serverlist.txt to match the name of the file you saved all your computer names to.
0
 
YashyAuthor Commented:
guys, thanks for your input.

Becraig, sorry for sounding dumb here but is this a file that needs to be run against the list of PC names I have? I've been trying to run this thinking it's exporting data out of AD:)
0
 
becraigCommented:
We gave you both options:

The first one pulls from the AD :
# Get all AD computers with lastLogonTimestamp less than our time
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time}


The last one I gave uses your list and pulls the details from AD:
gc .\serverlist.txt | % {
Get-ADComputer -Identity $_

so if you simply want to check the AD for ALL servers then you can use the first script.

If you want to check only your list, use the last one.
0
 
pgm554Commented:
Run the Solarwinds tools.

It's a gui and it will give you exactly what you want.

I've used it to clean up the AD many times.
0
 
YashyAuthor Commented:
pgm54, thank you - i will make use of that shortly, but i'm also curious about the script:)

becraig - thanks for the feedback sir. I am doing everything here, but still won't work. I put the first file 'Get all AD computers....' into a notepad file. Saved it as 'serverlist.ps1'.

Then I run the following in the shell:

Set-ExecutionPolicy RemoteSigned.

Then I run ".\serverlist.ps1" from the same location as where the file is saved (i.e. C:\). And nothing is exporting?
0
 
becraigCommented:
What do you get in the PowerShell screen when you run it ?


import-module activedirectory
$time = (Get-Date).Adddays(-45)
gc .\serverlist.txt | % {
Write-host "processing $_ ..."
 Get-ADComputer -Identity $_ -Properties LastlogonTimeStamp | select-object Name,@{Name="Stamp"; Expression {[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | where {[DateTime]::FromFileTime($_.lastLogonTimestamp) -lt $time} } | export-csv c:\OLD_Computer.csv  -notypeinformation
0
 
YashyAuthor Commented:
Nothing. It just returns with ".\serverlist.ps1". I've attached screenshot.

I'm unable to run the above you've put in here sadly. The file with the PC's is not exported from AD and so it doesn't consist of the column headings required such as 'lastLogonTimeStamp' etc. So i only worked with the first one now, but it just won't do anything unfortunately?
server-list.jpg
0
 
YashyAuthor Commented:
I'll outline it in steps:

1. Copy the content of the first uploaded script into notepad.
2. Change the domain value to our domain 'uk.fc.local'.
3. Save file to serverlist.ps1 to Desktop.
4. open up AD Powershell.
5. Run Set-ExecutionPolicy RemoteSigned.
6. Ensure I am in the 'C:\Users\Administrator.UK\Desktop location
7. Run the command ".\serverlist.ps1"
0
 
becraigCommented:
Ok so here are your steps:
1) Save your list of servers as c:\temp\serverlist.txt
2) Save the below code as c:\temp\script.ps1
import-module activedirectory
$time = (Get-Date).Adddays(-45)
gc .\serverlist.txt | % {
Get-ADComputer -Identity $_ -Properties LastlogonTimeStamp | select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | where {[DateTime]::FromFileTime($_.lastLogonTimestamp) -gt $time} 
} | export-csv c:\temp\OLD_Computer.csv -notypeinformation

Open in new window

                                           
3) open a powershell window
4) Run Set-ExecutionPolicy RemoteSigned  "Hit Enter"
5) Navigate to c:\temp
6) Run .\script.ps1
7) Run notepad c:\temp\OLD_Computer.csv
0
 
YashyAuthor Commented:
Hey man...

I think that's the problem right there, I'm unable to use this.

The list of servers/PC's I have are not in .csv format or have not been exported. They are in notepad form. So the file 'serverlist.txt' has a load of PC's which are in the .txt file one line after another. There is not heading or column. I believe your 'Get-ADcomputer' command is looking for a column like LastlogonTimeStamp which does not exist in this file?

I tried doing what you just mentioned and nothing is working sadly. My guess is that there's a misunderstanding here about the .txt file?
0
 
YashyAuthor Commented:
This worked like an absolute charm now:). In the final one, you located the .csv into a specific location which worked.

Thanks again for your help.

I'll be reposting a similar one, but for Windows 2003 as it doesn't have powershell.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.