Share via

Need to add distinguishedname in existing powershell script with get-aduser

Alex_HcB 21 Reputation points
2023-01-04T13:24:19.163+00:00

Hi Everybody,

I'm noob in powershell scripting and i need your help :)

I found a script who list users from an AD with lastlogon and lastlogontimestamp: 

Import-Module ActiveDirectory  
      
function Get-ADUsersLastLogon()  
{  
  $dcs = Get-ADDomainController -Filter {Name -like "*"}  
  $users = Get-ADUser -Filter 'enabled -eq $true'  
  $time = 0  
     
  foreach($user in $users)  
  {  
    foreach($dc in $dcs)  
    {   
      $hostname = $dc.HostName  
      $currentUser = Get-ADUser $user.SamAccountName | Get-ADObject -Server $hostname -Properties lastLogon, LastLogonTimestamp  
     
      if($currentUser.LastLogon -gt $time)   
      {  
        $time = $currentUser.LastLogon  
      }  
      if($currentUser.LastLogonTimestamp -gt $time)   
      {  
        $time = $currentUser.LastLogonTimestamp  
      }  
    }  
     
    $dt = [DateTime]::FromFileTime($time)  
    $row = $user.Name+","+$user.SamAccountName+","+$dt  
    $Object = New-Object PSObject  
    Add-Member -InputObject $Object -NotePropertyName "Name" -NotePropertyValue $user.Name  
    Add-Member -InputObject $Object -NotePropertyName "SamAccountName" -NotePropertyValue $user.SamAccountName  
    Add-Member -InputObject $Object -NotePropertyName "LastLogon" -NotePropertyValue $dt.ToString("yyyy-MM-dd HH:mm")  
         
    Write-Output $Object  
     
    #Out-File -filepath $exportFilePath -append -noclobber -InputObject $row  
     
    $time = 0  
  }  
}  
      
Get-ADUsersLastLogon

The script works perfectly but I need to add the distinguishedname.

How to realize that with this script?

Thank you so much in advance.

Best Regards,

Alex

Windows for business Windows Client for IT Pros Directory services Active Directory
Windows for business Windows Server User experience PowerShell
Windows for business Windows Server User experience Other
0 comments
Accepted answer
  1. Andreas Baumgarten 123.4K Reputation points MVP Volunteer Moderator
    2023-01-04T13:40:57.023+00:00

    Hi @Alex_HcB ,

    it's just one additional line (line 30) to get this done: 

    Import-Module ActiveDirectory  
          
 function Get-ADUsersLastLogon()  
 {  
   $dcs = Get-ADDomainController -Filter {Name -like "*"}  
   $users = Get-ADUser -Filter 'enabled -eq $true'  
   $time = 0  
         
   foreach($user in $users)  
   {  
     foreach($dc in $dcs)  
     {   
       $hostname = $dc.HostName  
       $currentUser = Get-ADUser $user.SamAccountName | Get-ADObject -Server $hostname -Properties lastLogon, LastLogonTimestamp  
       if($currentUser.LastLogon -gt $time)   
       {  
         $time = $currentUser.LastLogon  
       }  
       if($currentUser.LastLogonTimestamp -gt $time)   
       {  
         $time = $currentUser.LastLogonTimestamp  
       }  
     }  
         
     $dt = [DateTime]::FromFileTime($time)  
     $row = $user.Name+","+$user.SamAccountName+","+$dt  
     $Object = New-Object PSObject  
     Add-Member -InputObject $Object -NotePropertyName "Name" -NotePropertyValue $user.Name  
     Add-Member -InputObject $Object -NotePropertyName "SamAccountName" -NotePropertyValue $user.SamAccountName  
     Add-Member -InputObject $Object -NotePropertyName "DistinguishedName" -NotePropertyValue $user.DistinguishedName  
     Add-Member -InputObject $Object -NotePropertyName "LastLogon" -NotePropertyValue $dt.ToString("yyyy-MM-dd HH:mm")  
             
     Write-Output $Object  
         
     #Out-File -filepath $exportFilePath -append -noclobber -InputObject $row  
         
     $time = 0  
   }  
 }  
          
 Get-ADUsersLastLogon

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alex_HcB 21 Reputation points
    2023-01-04T13:47:38.137+00:00

    Hi @Andreas Baumgarten ,
    I hesitated to add this line but figured it was too easy for it to be just that :)
    Thank you very very much!
    It works perfectly as I expected!!
    Thank you again.
    Best Regards,
    Alex

    0 comments
  2. Andreas Baumgarten 123.4K Reputation points MVP Volunteer Moderator
    2023-01-04T13:55:10.793+00:00

    Hi @Alex_HcB ,

    thanks for the feedback.

    Don't be hesitated to try things with PowerShell as long it is a query ( get-"something" ). With a query there is no chance to "destroy" anything. Maybe the result set looks "weird" but it does not change/modify the data you are querying. ;-).
    Using set-"something" , create-"something" and Remove-"something" cmdlets it's a different story :-). Using the -WhatIf option, if available, with these cmdlets for testing prevents data manipulation during tests.

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)

    Regards
    Andreas Baumgarten

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.