Solved

Script to generate inactive users from Active Directory

Posted on 2015-02-11
5
117 Views
Last Modified: 2015-02-18
Hello, need help to have script to export (csv or excel) details of inactive user in active directory beyond certain days (eg. 90 days).

The report should have below attributes (including last logon date & time):-
displayName
samAccountName
Description
title
mail
department
telephoneNumber
MOBILE
postalCode
Manager
physicalDeliveryOfficeName,
Company
lastlogondate & time
0
Comment
Question by:TJOSY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 4

Expert Comment

by:Manoj Bojewar
ID: 40605105
use this attached tool, this will give you exact report.
0
 
LVL 4

Expert Comment

by:Manoj Bojewar
ID: 40605113
0
 

Author Comment

by:TJOSY
ID: 40611137
Thank you Manoj. infact I am looking for PowerShell or vbscript
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 40613674
I assume you want to us the MS AD module?
Import-Module ActiveDirectory
$Properties = "displayName", "sAMAccountName", "description", "title", "mail", "department", "telephoneNumber", "mobile", "postalCode", "manager", "physicalDeliveryOfficeName", "Company", "lastLogonTimeStamp"
$LastLogonLimit = (Get-Date).AddDays(-90)
Get-ADUser -Filter { LastLogonTimeStamp -lt $LastLogonLimit -and Enabled -eq $true } -Properties $Properties |
  Select-Object $Properties |
  Export-Csv "InactiveReport.csv" -NoTypeInformation

Open in new window

You may choose to remove the "Enabled -eq $true" part of the filter. That's only there to drop disabled accounts from the result set.

lastLogonTimeStamp needs a note as well. It's used because lastLogon is not replicated between domain controllers. lastLogonTimeStamp is, but may be up to 14 days out of date so it's more of a guideline than a definite value. Still, for a 90 day period it should suffice.

HTH

Chris
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question