Here’s a quick one from the forums. I think I did this before but it’s interesting to relook at things.
A lot of things can be written in one line in Powershell. There’s the whole “POWER” part there.
In Active Directory there is a field called "LastLogonTimeStamp” which usually contains when somebody last logged into a computer. This is important especially if you’d like to know which computers HAVEN’T been logged in. Say there’s a whole pile of old computer accounts in A/D? Here is the easy way to tell.
Using GET-QADCOMPUTER normally you don’t get this field. But if you run the following command
GET-QADCOMPUTER –includeallproperties | get-member
You can see EVERY property that can be queried from the computer accounts. I personally do it like this
GET-QADCOMPUTER –includeallproperties | export-csv C:\computerdata.csv
I like that for one big reason. I can open it up in Excel and not ONLY does it show me the properties but what they contain. So you can get a really good idea what you need to query. So if I want to get a list of computers with the LastLogonTimestamp I just execute this command
GET-QADCOMPUTER -IncludedProperties LastLogonTimeStamp
Now all need to do is decide how stale the computer accounts should be. Let’s say 90 days? Comparing that date with the current date
$date=get-date; $days=60; get-qadcomputer -IncludedProperties LastLogonTimeStamp | where { ($date-$_.LastLogonTimeStamp).Days -gt $days }
There you have it. Simple, useful. One line. Powerful. that’s Powershell
Abuse the Power :)
Sean
The Energized Tech
Leave a comment