Reputation: 51
How to list logons on a specific computer?
I have to write a simple script which lists all users logon at every computer in a specific OU.
I have tried the function Get-UserLogon -OU '[distinguished name]' (see here) but it doesn't return any stdout.
Any alternatives?
Upvotes: 0
Views: 1675
Answers (4)
Reputation: 61218
There is an alternative method that does not iterate all computers in the domain, but it relies on all users have their Home directories redirected to a network share.
If that is the case in your domain, try:
# the UNC \\Server\Share name of the network share where all user homedirectories are
$usersHomePath = '\\HomesServer\HomesShare$'
# split this UNC path to get the server name and share name in separate variables
$server, $share = $usersHomePath.TrimStart("\") -split '\\'
# get an array of SamAccountNames for all users in the OU
$users = (Get-ADUser -Filter * -SearchBase '[distinguished name]').SamAccountName
$result = Get-CimInstance -ClassName Win32_ServerConnection -ComputerName $server |
Where-Object { $_.ShareName -eq $share -and $users -contains $_.UserName } |
Select-Object @{Name = "SamAccountName"; Expression = { $_.UserName }},
@{Name = "ComputerName"; Expression = {(([System.Net.Dns]::GetHostEntry($_.ComputerName).HostName) -split "\.")[0]}}
#output in console
$result
# output to Csv
$result | Export-Csv -Path 'UsersOnComputers.csv' -NoTypeInformation
Upvotes: 1
Reputation: 51
I found such kind of possible solution here (read at the bottom of the thread), but I am not familiar at all with VBscript and I would like to implement this code in PowerShell.
Upvotes: 0
Reputation: 41
Have you tried this to give you users last logon time and date:
Get-ADUser -Filter * -SearchBase "ou=users,dc=contoso,dc=local" -ResultPageSize 0 -Prop CN,lastLogonTimestamp | Select CN,@{n="lastLogonDate";e={[datetime]::FromFileTime($_.lastLogonTimestamp)}} | Export-CSV -NoType last.csv
Upvotes: 3
Reputation: 51
I tried to simply debug the Get-UserLogon function.
This function tries to connect to every computer listed in the OU and then it query to them the users logon list. As expected, most of these computers refuse the connection (maybe they are shutted down or simply offline).
Is there another way to retrieve such information? Does domain controller store logons in a such centralized fashion?
Upvotes: 0
Related Questions
- Query list of computers - output last logged on user and last logon date
- How to find all computers a user is logged into
- Powershell - Find computers with a specific username logged in
- Powershell: Get number of computers connected to Active Directory by OS
- How to find PC from list of users
- Listing information for all computers in an OU using PowerShell
- Powershell script to query specifc OU in AD for computer names and export
- Get computer list from OU using Get-ADComputer cmdlet
- Using PowerShell to get all active-domain computers
- Get computers list from certain OU in active directory?