diff --git a/README.md b/README.md new file mode 100644 index 0000000..b12913c --- /dev/null +++ b/README.md @@ -0,0 +1,43 @@ +# AD-ComputerLastLogon + +PowerShell script to check when a computer last authenticated to the Active Directory domain. + +## Requirements + +- Windows PowerShell 5.1 or PowerShell 7+ +- Active Directory PowerShell module (RSAT) +- Run on a Domain Controller or machine with AD connectivity + +## Usage + +### Interactive Mode +```powershell +.\Get-ComputerLastLogon.ps1 +# You will be prompted to enter a computer name +``` + +### With Parameter +```powershell +.\Get-ComputerLastLogon.ps1 -ComputerName "WORKSTATION01" +``` + +## Output + +The script displays: + +| Field | Description | +|-------|-------------| +| **Last Logon (Replicated)** | `LastLogonTimestamp` - replicated across DCs, updated ~every 14 days | +| **Last Logon (This DC)** | `LastLogon` - specific to the DC you're querying, not replicated | +| **Days Since Last Logon** | Calculated from the replicated timestamp | +| **Account Enabled** | Whether the computer account is enabled | +| **Operating System** | OS name and version | +| **Created** | When the computer account was created | +| **Description** | AD description field | +| **DN** | Distinguished Name (full AD path) | + +## Notes + +- **LastLogonTimestamp** is the more reliable field for determining if a computer is active, as it's replicated between all DCs +- **LastLogon** only reflects activity on the specific DC you're querying +- The replicated timestamp is only updated approximately every 14 days to reduce replication traffic
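Review bot: The "Days Since Last Logon" row in the Output table says the value is calculated from the replicated timestamp, and the Notes say that timestamp is only updated approximately every 14 days, but the README never connects the two. A reader using the number to decide whether a computer account is stale should be told that it can overstate inactivity by roughly that interval; suggest a Notes bullet saying so. The "Last Logon (This DC)" row should also say which DC is queried when the script runs from a "machine with AD connectivity" rather than on a Domain Controller, since the Notes stress that `LastLogon` only reflects the specific DC queried. Finally, the Output section does not say what is displayed when the computer name is not found or a timestamp field is empty; one sentence on that would help.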