Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Script to generate inactive users from Active Directory

Posted on 2015-02-11
5
Medium Priority
?
120 Views
Last Modified: 2015-02-18
Hello, need help to have script to export (csv or excel) details of inactive user in active directory beyond certain days (eg. 90 days).

The report should have below attributes (including last logon date & time):-
displayName
samAccountName
Description
title
mail
department
telephoneNumber
MOBILE
postalCode
Manager
physicalDeliveryOfficeName,
Company
lastlogondate & time
0
Comment
Question by:TJOSY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
5 Comments
 
LVL 4

Expert Comment

by:Manoj Bojewar
ID: 40605105
use this attached tool, this will give you exact report.
0
 
LVL 4

Expert Comment

by:Manoj Bojewar
ID: 40605113
0
 

Author Comment

by:TJOSY
ID: 40611137
Thank you Manoj. infact I am looking for PowerShell or vbscript
0
 
LVL 71

Accepted Solution

by:
Chris Dent earned 2000 total points
ID: 40613674
I assume you want to us the MS AD module?
Import-Module ActiveDirectory
$Properties = "displayName", "sAMAccountName", "description", "title", "mail", "department", "telephoneNumber", "mobile", "postalCode", "manager", "physicalDeliveryOfficeName", "Company", "lastLogonTimeStamp"
$LastLogonLimit = (Get-Date).AddDays(-90)
Get-ADUser -Filter { LastLogonTimeStamp -lt $LastLogonLimit -and Enabled -eq $true } -Properties $Properties |
  Select-Object $Properties |
  Export-Csv "InactiveReport.csv" -NoTypeInformation

Open in new window

You may choose to remove the "Enabled -eq $true" part of the filter. That's only there to drop disabled accounts from the result set.

lastLogonTimeStamp needs a note as well. It's used because lastLogon is not replicated between domain controllers. lastLogonTimeStamp is, but may be up to 14 days out of date so it's more of a guideline than a definite value. Still, for a 90 day period it should suffice.

HTH

Chris
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question