jessikitty/AD-ComputerLastLogon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3 Commits 1 Branch 0 Tags
8aef95655ee317ddfe8952411b8063d107549b3a
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

AD-ComputerLastLogon

PowerShell script to check when a computer last authenticated to the Active Directory domain.

Requirements

  • Windows PowerShell 5.1 or PowerShell 7+
  • Active Directory PowerShell module (RSAT)
  • Run on a Domain Controller or machine with AD connectivity

Usage

Interactive Mode

.\Get-ComputerLastLogon.ps1
# You will be prompted to enter a computer name

With Parameter

.\Get-ComputerLastLogon.ps1 -ComputerName "WORKSTATION01"

Output

The script displays:

Field Description
Last Logon (Replicated) LastLogonTimestamp - replicated across DCs, updated ~every 14 days
Last Logon (This DC) LastLogon - specific to the DC you're querying, not replicated
Days Since Last Logon Calculated from the replicated timestamp
Account Enabled Whether the computer account is enabled
Operating System OS name and version
Created When the computer account was created
Description AD description field
DN Distinguished Name (full AD path)

Notes

  • LastLogonTimestamp is the more reliable field for determining if a computer is active, as it's replicated between all DCs
  • LastLogon only reflects activity on the specific DC you're querying
  • The replicated timestamp is only updated approximately every 14 days to reduce replication traffic
Reference in New Issue View Git Blame Copy Permalink
Description
PowerShell script to check last domain authentication time for computers in Active Directory
Readme 58 KiB
Languages
PowerShell 100%