CODEWITHSUNDEEP
windowspowershellcommand
Help
Help

Reputation: 181

Windows Command To Get Inactive Users Passed 90 Days

I am trying to craft a command on Windows that searches for user accounts that have been inactive for more than 90 days.

The command below works:

Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | Format-Table Name,ObjectClass -A

However, this requires installing AD components for the "Search-ADAccount" parameter to work. Is there a way of getting this information without the need to install any additional components?

Upvotes: 0

Views: 1178

Answers (1)

Abraham Zinala
Abraham Zinala

Reputation: 4694

Per your comment, you can do something along the lines of this:

[CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true,
                   ValueFromPipeLine=$true,
                   HelpMessage='Enter Computer Name')]
                   [Alias('CN','Computer')]
                   [string[]]$ComputerName)
 Process{
     try{
        Foreach($Computer in $ComputerName){
            $UNC  = Get-ChildItem -Path "\\$ComputerName\c$\Users" -ErrorAction Stop
            
                Foreach($user in $UNC.name){
                   $UserDate = (net user $user /domain | Select-String -SimpleMatch "Last Logon" | Select-Object -ExpandProperty Line -ErrorAction SilentlyContinue ).Split(' ') 2>&1 | Select-Object -Skip 20 -First 1 
                            [PSCustomObject] @{
                                "User Name"   = $user
                                "Last Logon"  = $UserDate
                                    }
                                }
                            } 
                        }Catch{
                            [PSCustomObject] @{
                                "User Name"   = $user
                                "Last Logon"  = $null

                        }
                    }
                }

If you're looking for specific users, Net User should do the trick, but against a list of users that have logged into a machine, the above script can give you some feed back for that.

Im just confused on the local accounts part of this, are they actual local accounts, or Domain Accounts?

Upvotes: 1

Related Questions