Question

I am trying to list all accounts that have not been logged into outside of 6 months.

This is my first time really using PowerShell and I am simply editing other people's scripts at this point to fit my own needs.

I want to separate the search into two lists: computers only and users only.

Code for computers outside six months.

Search-ADAccount -accountinactive -computersonly | where {$_.lastlogondate -lt (get-date).addmonths(-6)} | FT Name,LastLogonDate

Code for users outside six months.

Search-ADAccount -accountinactive -usersonly | where {$_.lastlogondate -lt (get-date).addmonths(-6)} | FT Name,LastLogonDate

However, these are not working and are just spitting out all accounts. I have also noticed changing the -6 to any number really has no effect. Suggestions?

Solution

Your test is OK (it's working in my AD); the only thing is that you have to eliminate the objects where $_.lastlogondate is null.

Try:

Search-ADAccount -accountinactive -usersonly | where { $_.lastlogondate -and ($_.lastlogondate -lt (get-date).addMonths(-6)) } | ft Name,lastlogondate

Edited:

Because the lastLogon attribute is not replicated in Active Directory, a different value can be stored in the copy of Active Directory on each Domain Controller. One solution is to loop over all domain controllers to build a list of such users. But I am quite sure there is another solution!
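The per-domain-controller loop mentioned in the answer above could look like the following. This is an added example, not code from the question or any of the answers; it assumes the ActiveDirectory module (RSAT) is installed and that the account running it can read every domain controller, and the variable names are illustrative.

```powershell
# Added example (not from the original answers). Requires the ActiveDirectory module.
Import-Module ActiveDirectory

$cutoff = (Get-Date).AddMonths(-6)
$latest = @{}   # DistinguishedName -> newest lastLogon (FILETIME) seen on any DC

# lastLogon is stored separately on each domain controller, so query every DC
# and keep the highest value found for each user.
foreach ($dc in Get-ADDomainController -Filter *) {
    try {
        $users = Get-ADUser -Filter * -Server $dc.HostName -Properties lastLogon -ErrorAction Stop
    } catch {
        # An unreachable DC means the result may understate the real last logon.
        Write-Warning "Skipping $($dc.HostName): $($_.Exception.Message)"
        continue
    }
    foreach ($u in $users) {
        $stamp = [long]$u.lastLogon   # empty or 0 = no logon recorded on this DC
        $dn = $u.DistinguishedName
        if (-not $latest.ContainsKey($dn) -or $stamp -gt $latest[$dn].Stamp) {
            $latest[$dn] = [pscustomobject]@{ Name = $u.Name; Stamp = $stamp }
        }
    }
}

# Convert the FILETIME values to dates; keep $null for accounts with no logon at all.
$report = foreach ($entry in $latest.Values) {
    [pscustomobject]@{
        Name      = $entry.Name
        LastLogon = if ($entry.Stamp -gt 0) { [DateTime]::FromFileTime($entry.Stamp) } else { $null }
    }
}

# Report never-logged-on accounts separately so a null date cannot slip through
# the "-lt" comparison as if it were an old logon.
$neverLoggedOn = $report | Where-Object { -not $_.LastLogon }
$stale         = $report | Where-Object { $_.LastLogon -and $_.LastLogon -lt $cutoff }

$stale | Sort-Object LastLogon | Format-Table Name, LastLogon
$neverLoggedOn | Sort-Object Name | Format-Table Name
```

For the computers-only list, the same loop works with Get-ADComputer in place of Get-ADUser.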

Other tips

Have a look here for tracking the inactive users by categories (logon status, disabled users, password expired users, acc expired users, neverloggedon users, deleted users, etc.)

http://www.adsysnet.com/asn-active-directory-inactive-account-tracker-features.aspx

I believe you need to pass a date or a timespan along with the -AccountInactive switch. Doing so should make your custom filter unnecessary, so try something like this (untested):

Search-ADAccount -accountinactive -datetime (get-date).AddMonths(-6) -computersonly | ft Name,LastLogonDate
Search-ADAccount -accountinactive -datetime (get-date).AddMonths(-6) -usersonly | ft Name,LastLogonDate
$sixMonths = (Get-Date).AddMonths(-6)
Search-ADAccount -accountinactive -usersonly -datetime "$sixMonths"
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow