Question : Script to get users that have not logged on recently.

Hi, I want to run a script on a 2 DC AD to obtain a list of users that have not logged on for a determined amount of time. The domain functional mode is Windows 2000 Native, as I have a 2000 DC and a 2003 DC. Usually I would run "dsquery user -inactive", but I believe this will not work, as it requires a higher level of Domain Functionality. Does anyone know of a way to get the same info from a Mixed Mode domain, bearing in mind I do not have any third party tools or anything like SMS? My client is budgetless, so I am really looking at AD Scripts.

Many Thanks

Answer : Script to get users that have not logged on recently.


Hey there,

You can try mine if you like, it should be able to show you everything you need. It creates a CSV File as output containing the last logon for all users within the domain.

And it should run "as is", unless you need it to do more.

Otherwise, save it off as .vbs and off you go.

HTH

Chris
Option Explicit
 
' Global Constants
 
' Name of the CSV report. It carries no path, so it is created relative to the
' current working directory, and the main code opens it with overwrite enabled.
' The report lists account names, DNs, enabled/disabled state and last logon
' times, so run the script from a folder whose access is restricted accordingly.
Const FILE_NAME = "LastLogon.csv"
 
'
' Subroutines
'
 
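' GetLastLogon
'   Queries a single domain controller for all user objects and merges the newest
'   lastLogon value per sAMAccountName into the script-level objUsers dictionary.
'   lastLogon is not replicated between domain controllers, so the caller runs this
'   once per DC and only the most recent timestamp seen for each account is kept.
'
'   objDomainController - ADSI object for the DC; its Name ("CN=<host>") provides the
'                         server portion of the LDAP path used in the query.
'
'   Writes to objUsers: key = sAMAccountName,
'                       item = Array(last logon, account state, DN, display name).
'   Timestamps are left in UTC; no local time-zone bias is applied.
'   An error raised while connecting to or querying the DC is not trapped here, so the
'   script stops instead of producing a report from a partial set of DCs.
Sub GetLastLogon(objDomainController)
	Const ADS_SCOPE_SUBTREE = 2
	Const ADS_UF_ACCOUNTDISABLE = &H2

	Dim objConnection, objCommand, objRecordSet, objRootDSE, objLastLogon
	Dim strDCName, strUsername, strDN, strDisplayName, strAccountState
	Dim intUAC, intLogonTime
	Dim lngHigh, lngLow
	Dim dtmLastLogon

	' Drop the leading "CN=" from the object's relative name to get the host name.
	strDCName = Mid(objDomainController.Name, 4, Len(objDomainController.Name))

	Set objConnection = CreateObject("ADODB.Connection")
	objConnection.Provider = "ADsDSOObject"
	objConnection.Open "Active Directory Provider"

	Set objCommand = CreateObject("ADODB.Command")
	Set objCommand.ActiveConnection = objConnection

	WScript.Echo "Querying: " & strDCName
	Set objRootDSE = GetObject("LDAP://RootDSE")
	' The server name in the path binds the search to this specific DC.
	objCommand.CommandText = "SELECT sAMAccountName, lastLogon, distinguishedName, userAccountControl, " &_
		"displayName FROM 'LDAP://" & strDCName & "/" & objRootDSE.Get("defaultNamingContext") & "' " &_
		"WHERE objectClass='user' AND objectCategory='person'"
	Set objRootDSE = Nothing

	objCommand.Properties("Page Size") = 1000
	objCommand.Properties("Timeout") = 600
	objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
	objCommand.Properties("Cache Results") = False

	Set objRecordSet = objCommand.Execute

	While Not objRecordSet.EOF
		strUsername = objRecordSet.Fields("sAMAccountName")
		strDN = objRecordSet.Fields("distinguishedName")
		intUAC = objRecordSet.Fields("userAccountControl")
		On Error Resume Next
		strDisplayName = "" : strDisplayName = objRecordSet.Fields("displayName")
		On Error Goto 0

		If intUAC And ADS_UF_ACCOUNTDISABLE Then
			strAccountState = "Disabled"
		Else
			strAccountState = "Enabled"
		End If

		' Reset per-record state so that a user with no lastLogon on this DC can never
		' inherit the timestamp computed for the previous record.
		dtmLastLogon = #01/01/1601#
		Set objLastLogon = Nothing

		' lastLogon comes back as a large-integer object, or Null when the attribute is
		' not set on this DC; Set fails on Null and leaves objLastLogon as Nothing.
		On Error Resume Next
		Set objLastLogon = objRecordSet.Fields("lastLogon").Value
		On Error Goto 0

		If Not objLastLogon Is Nothing Then
			lngHigh = objLastLogon.HighPart
			lngLow = objLastLogon.LowPart
			' LowPart is returned as a signed 32-bit value; a negative result means the
			' top bit was set, so carry one into the high part to avoid a 2^32-tick error.
			If lngLow < 0 Then lngHigh = lngHigh + 1

			' 100-nanosecond ticks since 1601-01-01 -> minutes -> days.
			intLogonTime = lngHigh * (2^32) + lngLow
			intLogonTime = intLogonTime / 600000000
			intLogonTime = intLogonTime / 1440
			dtmLastLogon = intLogonTime + #01/01/1601#

			Set objLastLogon = Nothing
		End If

		' A value equal to the epoch means "never logged on at this DC"; skip it.
		If dtmLastLogon <> #01/01/1601# Then
			If objUsers.Exists(strUsername) Then
				' Keep only the most recent logon seen across all DCs.
				If dtmLastLogon > objUsers(strUsername)(0) Then
					objUsers.Remove(strUsername)
					objUsers.Add strUsername, Array(dtmLastLogon, _
						strAccountState, strDN, strDisplayName)
				End If
			Else
				objUsers.Add strUsername, Array(dtmLastLogon, _
					strAccountState, strDN, strDisplayName)
			End If
		End If

		objRecordSet.MoveNext
	WEnd

	Set objRecordSet = Nothing
	Set objCommand = Nothing
	Set objConnection = Nothing
End Sub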
 
'
' Main Code
'
 
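Dim objRootDSE, objUsers, objDomainControllers, objDomainController, objFileSystem, objFile
Dim strUsername, strAccountState, strDN, strDisplayName
Dim dtmLastLogon, dtmRuntime
Dim arrUser

' Wraps a value in double quotes for CSV output, doubling any embedded quote so that a
' directory value containing " cannot break the column layout. Null becomes "".
Function CsvField(varValue)
	CsvField = """" & Replace(varValue & "", """", """""") & """"
End Function

dtmRunTime = Now

Set objRootDSE = GetObject("LDAP://RootDSE")

' sAMAccountName -> Array(last logon, account state, DN, display name); filled by GetLastLogon.
Set objUsers = CreateObject("Scripting.Dictionary")

' Get the DC List
' Only computer objects directly inside the default "Domain Controllers" OU are enumerated.
' NOTE(review): a DC whose computer object lives elsewhere would not be queried, and its
' lastLogon values would be missing from the report - confirm against your environment.

Set objDomainControllers = GetObject("LDAP://OU=Domain Controllers," &_
	  objRootDSE.Get("defaultNamingContext"))
objDomainControllers.Filter = Array("computer")

For Each objDomainController in objDomainControllers
	  GetLastLogon objDomainController
Next

Set objDomainControllers = Nothing
Set objRootDSE = Nothing

' Reporting
' Accounts with no recorded logon on any DC are never added to objUsers, so they do not
' appear in the CSV at all; treat absence from the report as "never logged on".
' NOTE(review): values are directory attributes written as-is. If the file is opened in a
' spreadsheet, a value beginning with =, +, - or @ may be interpreted as a formula.

Set objFileSystem = CreateObject("Scripting.FileSystemObject")
' Arguments: overwrite an existing file (True), write ANSI rather than Unicode (False).
Set objFile = objFileSystem.CreateTextFile(FILE_NAME, True, False)

For Each strUsername In objUsers
	arrUser = objUsers(strUsername)
	dtmLastLogon = arrUser(0)
	strAccountState = arrUser(1)
	strDN = arrUser(2)
	strDisplayName = arrUser(3)

	' Column order: display name, account state, last logon, sAMAccountName, DN.
	objFile.WriteLine CsvField(strDisplayName) & "," & CsvField(strAccountState) & "," &_
		CsvField(dtmLastLogon) & "," & CsvField(strUsername) & "," & CsvField(strDN)
Next

WScript.Echo "Run Time: " & DateDiff("s", dtmRunTime, Now) & " Seconds"

objFile.Close
Set objFile = Nothing
Set objFileSystem = Nothing

Set objUsers = Nothing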