76 lines
2.8 KiB
PowerShell
76 lines
2.8 KiB
PowerShell
#Requires -Modules ActiveDirectory
|
|
<#
|
|
.SYNOPSIS
|
|
Checks the last time a computer authenticated to the domain.
|
|
|
|
.DESCRIPTION
|
|
Queries Active Directory for a computer's last logon information,
|
|
including LastLogonTimestamp (replicated) and LastLogon (DC-specific).
|
|
|
|
.PARAMETER ComputerName
|
|
The name of the computer to check. Can be provided as a parameter or entered interactively.
|
|
|
|
.EXAMPLE
|
|
.\Get-ComputerLastLogon.ps1 -ComputerName "WORKSTATION01"
|
|
|
|
.EXAMPLE
|
|
.\Get-ComputerLastLogon.ps1
|
|
(Will prompt for computer name)
|
|
|
|
.NOTES
|
|
Must be run on a Domain Controller or a machine with RSAT AD tools installed.
|
|
LastLogonTimestamp is replicated between DCs (updated every ~14 days).
|
|
LastLogon is DC-specific and not replicated.
|
|
#>
|
|
|
|
[CmdletBinding()]
|
|
param(
|
|
[Parameter(Position = 0)]
|
|
[string]$ComputerName
|
|
)
|
|
|
|
if ([string]::IsNullOrWhiteSpace($ComputerName)) {
|
|
$ComputerName = Read-Host "Enter computer name"
|
|
}
|
|
|
|
$ComputerName = $ComputerName.Trim().ToUpper() -replace '\$$', ''
|
|
|
|
try {
|
|
$Computer = Get-ADComputer -Identity $ComputerName -Properties `
|
|
LastLogonTimestamp, LastLogon, OperatingSystem, OperatingSystemVersion, `
|
|
Created, Enabled, Description, DistinguishedName -ErrorAction Stop
|
|
|
|
$LastLogonTimestamp = if ($Computer.LastLogonTimestamp) {
|
|
[DateTime]::FromFileTime($Computer.LastLogonTimestamp)
|
|
} else { "Never" }
|
|
|
|
$LastLogon = if ($Computer.LastLogon -and $Computer.LastLogon -gt 0) {
|
|
[DateTime]::FromFileTime($Computer.LastLogon)
|
|
} else { "Never (on this DC)" }
|
|
|
|
$DaysSinceLogon = if ($LastLogonTimestamp -ne "Never") {
|
|
[math]::Round((New-TimeSpan -Start $LastLogonTimestamp -End (Get-Date)).TotalDays, 1)
|
|
} else { "N/A" }
|
|
|
|
Write-Host "`n===== Computer: $($Computer.Name) =====" -ForegroundColor Cyan
|
|
Write-Host ""
|
|
Write-Host "Last Logon (Replicated): " -NoNewline -ForegroundColor Yellow
|
|
Write-Host "$LastLogonTimestamp"
|
|
Write-Host "Last Logon (This DC): " -NoNewline -ForegroundColor Yellow
|
|
Write-Host "$LastLogon"
|
|
Write-Host "Days Since Last Logon: " -NoNewline -ForegroundColor Yellow
|
|
Write-Host "$DaysSinceLogon"
|
|
Write-Host ""
|
|
Write-Host "Account Enabled: $($Computer.Enabled)"
|
|
Write-Host "Operating System: $($Computer.OperatingSystem) $($Computer.OperatingSystemVersion)"
|
|
Write-Host "Created: $($Computer.Created)"
|
|
Write-Host "Description: $($Computer.Description)"
|
|
Write-Host "DN: $($Computer.DistinguishedName)"
|
|
Write-Host ""
|
|
|
|
} catch [Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException] {
|
|
Write-Host "`nError: Computer '$ComputerName' not found in Active Directory." -ForegroundColor Red
|
|
} catch {
|
|
Write-Host "`nError: $($_.Exception.Message)" -ForegroundColor Red
|
|
}
|