Hello,
I’m wondering if it’s possible to modify this script to allow for user input of a single computer to look up?
Thanks
Add-PSSnapin Quest.ActiveRoles.ADManagement
$dcs = Get-QADComputer -ComputerRole DomainController
foreach($dc in $dcs){
Get-ADComputer $dc.Name -Properties lastlogontimestamp |
Select-Object @{n="Computer";e={$_.Name}}, @{Name="Lastlogon"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}}
}
This doesn’t make sense for a number of reasons. This checks the LastLogonTimestamp (which is synchronized, albeit delayed by, or accurate within, 9-14 days or whatever it is) of each DC itself (passed as “$dc.Name” to Get-ADComputer) and outputs objects with each DC’s name and its LastLogonTimestamp. So, what exactly are you trying to do? It seems like you really want to check the non-synchronized LastLogon timestamp on each DC? For a computer object? Guessing, you might want to check the LastLogon or LastLogonTimestamp on one or more domain controllers for some given computer.
Anyway, if you want “user input of a single computer to look up”, and I guess that you want to check it for each DC (rather than checking the actual DCs…), something like this will do (should be v2-compatible):
PS C:\temp> add-pssnapin quest.activeroles.admanagement
PS C:\temp> $dcs = Get-QADComputer -ComputerRole DomainController
PS C:\temp> $dcs | select -exp Name
2008R2ESXI2
2008R2ESXI
PS C:\temp> $CheckThisOne = Read-Host -Prompt 'Enter computer name to check last logon for'
Enter computer name to check last logon for: vista64esxi
Then something like this:
PS C:\temp> @( foreach ($dc in $dcs) {
Get-ADComputer -Server $dc.Name -Properties LastLogon, LastLogonTimestamp -Identity $CheckThisOne |
Select @{n='ComputerName';e={$CheckThisOne}}, @{n='DC';e={$dc.Name}}, @{n='LastLogon';e={[datetime]::FromFileTime($_.LastLogon)}}, @{n='LastLogonTimestamp';e={[datetime]::FromFileTime($_.LastLogonTimestamp)}}
} ) | Format-Table -AutoSize
ComputerName DC LastLogon LastLogonTimestamp
------------ -- --------- ------------------
vista64esxi 2008R2ESXI2 12/19/2013 2:29:48 AM 12/14/2013 6:29:48 PM
vista64esxi 2008R2ESXI 12/19/2013 7:29:48 AM 12/14/2013 6:29:48 PM
There you can see that the LastLogonTimestamp is identical for both (as it should be), and that it’s off by a bit (ca. 5 days) compared to the actual last computer authentication date.
Good luck and happy holidays.
This has helped me a ton. Thank you, kind Sir.
Thanks