I have an array which contain the LastLogonDate (OnPrem AD), the EntraID LastSignIn and the EntraID LastNonInterActiveSignIn. I am comparing these three dates to filter out accounts which have logged in for the last 90 days.
foreach ($Obj in $ToDisableFilter) {
$Dates = $Obj.EntraID_LastSignin, $Obj.LastLogonDate, $Obj.EntraID_LastNonInteractive | Sort-Object -Descending
$LastSignInDate = $Dates[0]
If ($LastSignInDate -lt $DisableDate) {
Write-Log -Message "$($Obj.Name) Last sign in date $($LastSignedInDate) is older then $($DisableDate), wherefore the user will be disabled" -Severity Information
Disable-ADAccount -Identity $Obj.DistinguishedName
} Else {
Write-Log -Message "$($Obj.Name) will not be disabled, because $($LastSignInDate) is newer then $($DisableDate)" -Severity Information
$ToDisableFiltered = $ToDisableFilter | Where-Object {$_.Name -notcontains $Obj.Name}
}
}
The log clearly shows that the items which need to filtered out are successfully retrieved, however the Array “$ToDisableFiltered” still contains some objects that should be filtered out.
LogFile:
"18/10/2024 10:56","Benjamin Beulens will not be disabled, because 17/10/2024 18:09:38 is newer then 08/19/2024 10:55:10","Information"
"18/10/2024 10:56","Chris Isaac Last sign in date is older then 08/19/2024 10:55:10, wherefore the user will be disabled","Information"
"18/10/2024 10:56","Dominique Lessage Last sign in date is older then 08/19/2024 10:55:10, wherefore the user will be disabled","Information"
Array
Name : Benjamin Beulens
EntraID_DisplayName : Benjamin Beulens
Mail : Benjamin Beulens@talktalk.back.com
CreationDate : 08/05/2024 14:16:03
LastLogonDate : 08/07/2024 08:12:50
DistinguishedName : CN=Benjamin Beulens,OU=UserContainer,DC=talktalk,DC=internal
EntraID_LastSignin : 17/10/2024 12:34:39
EntraID_LastNonInteractive : 17/10/2024 18:09:38
AccountType : Hybrid
GivenName : Benjamin
SurName : Beulens
AdminDescription :
UserType : Member
Manager : CN=Run DMC,OU=UserContainer,DC=talktalk,DC=internal
Managers_Email : Run.DMC@talktalk.back.com
Managers_GivenName : Run
Managers_SurName : DMC
Name : Joel Smets
EntraID_DisplayName : Joel Smetst
Mail : Joel.Smets@talktalk.back.com
UserPrincipalName : Joel.Smets@talktalk.back.com
EntraID_UPN : Joel.Smets@talktalk.back.com
CreationDate : 03/07/2024 11:56:54
LastLogonDate : 03/07/2024 13:53:38
DistinguishedName : CN=Joel Smets,OU=UserContainer,DC=talktalk,DC=internal
EntraID_LastSignin : 04/07/2024 13:16:53
EntraID_LastNonInteractive : 04/07/2024 13:41:51
AccountType : Hybrid
GivenName : Joel
SurName : Smets
AdminDescription :
UserType : Member
Manager : Not Present
Managers_Email : philippe.Gilbert@talktalk.back.com
Managers_GivenName : Philippe
Managers_SurName : Gilbert
Name : Dominique Lessage
EntraID_DisplayName : Dominique Lessage
Mail : Dominique.Lessage@talktalk.back.com
UserPrincipalName : Dominique.Lessage@talktalk.back.com
EntraID_UPN : Dominique.Lessage@talktalk.back.com
CreationDate : 03/07/2024 12:00:31
LastLogonDate : 15/07/2024 09:09:17
DistinguishedName : CN=Dominique Lessage,OU=UserContainer,DC=talktalk,DC=internal
EntraID_LastSignin : 17/10/2024 12:12:09
EntraID_LastNonInteractive : 18/10/2024 04:52:59
AccountType : Hybrid
GivenName : Dominique
SurName : Lessage
AdminDescription :
UserType : Member
Manager : Not Present
Managers_Email :
Managers_GivenName :
Managers_SurName :