PS script for report of accounts havent logged in for a long time

Rammy Charles
Rammy Charles used Ask the Experts™
on
Is there a powershell script that can run a report against active directory to seek and find accounts who havent logged into the forest in a long time?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
AmitIT Architect
Distinguished Expert 2017

Commented:
You can check last long time for user using PS. Check this Script:
https://gallery.technet.microsoft.com/scriptcenter/Get-Active-Directory-user-246f17c7

Test it.
Shaun VermaakTechnical Specialist
Awarded 2017
Distinguished Expert 2018

Commented:
Powershell to find inactive accounts Active Directory for 90 days or longer.

Search-ADAccount -UsersOnly -AccountInactive -TimeSpan 90 | ?{$_.enabled -eq $True} | Get-ADUser -Properties Name, EmailAddress, Department, Description, lastLogonTimestamp | Select Name, EmailAddress, Department, Description,@{n='lastLogonTimestamp';e={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | Export-Csv D:\temp\testfunytest.csv


Source:  http://expert-advice.org/active-directory/powershell-to-find-inactive-ad-users-and-computers-accounts/

You can also automate this process using this Active Directory cleanup solution like; Lepide, OldCmp and ManageEngine to identify, move or clean up inactive AD user accounts.
Rammy CharlesSales Engineer

Author

Commented:
austin that is what i wanted. do you oknow if i can add filters to not show some accounts on the report and also how can i sort by lastlogontimestamp?
Jeremy WeisingerSenior Network Consultant / Engineer

Commented:
You filter the results by using Where-Object (aka ?). So if you have a list of users you could match the current name against it.
And sorting is easy enough. Sort-Object <property name>.  Putting it together is something like this:
$userfilter = Get-Content C:\filterlist.txt
Search-ADAccount -UsersOnly -AccountInactive -TimeSpan 90 | ?{$_.enabled -eq $True} | Get-ADUser -Properties Name, EmailAddress, Department, Description, lastLogonTimestamp | ?{$userfilter -notmatch $_.SamAccountName} | Select Name, EmailAddress, Department, Description,@{n='lastLogonTimestamp';e={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | sort lastlogontimestamp | Export-Csv D:\temp\testfunytest.csv

Open in new window

Note the additions of
$userfilter = Get-Content C:\filterlist.txt
?{$userfilter -notmatch $_.SamAccountName}
sort lastlogontimestamp

Be sure to edit for your environment.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial