powershell script to export ad users RRS feed

  • Question

  • Our Company is required to export a .csv file with following information.

    Display Name, First Name, Last Name, Employee Number, Last Logon time of all the computers.

    basically, who log on to the each computers and above details of users.

    Please be kind enough to help me with this task.



    • Moved by Bill_Stewart Friday, December 30, 2016 8:47 PM This is not "scripts on demand"
    Monday, November 14, 2016 2:30 PM

All replies

  • Prewritten scripts you can find here:  Microsoft Technet Script Gallery

    Grüße - Best regards

    PS:> (79,108,97,102|%{[char]$_})-join''

    Monday, November 14, 2016 2:34 PM
  • The information on users can be retrieved using the PowerShell Get-ADUser cmdlet (you may need to import the ActiveDirectory module). The LastLogonDate property exposed by Get-ADUser will give you the last logon date and time within about 14 days (it is based on the lastLogonTimestamp attribute of users). But Active Directory does not track who logs onto which computers. That is a very different and much more difficult task.

    For that, you might need to enable auditing of all logon activities, then run a script that parses the security logs. Or you might find a script that connects to every computer (if they are available and connected at the time) and gets the time each user last authenticated on the computer from the local profiles (which can be very slow). The best solution I have used in the past is a logon script (configured in Group Policy) that logs logon information to a shared log file. This works well in a small environment without a lot of remote sites. For example, the logon script can be as simple as the following batch file:

    @echo off
    echo %date% %time%, %username%, %computername% >> \\MyServer\MyShare\Logons.csv

    This appends one line per logon to the shared file, which is in csv format so it can be read into Excel for analysis. For example, you could sort by user and date.

    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Monday, November 14, 2016 3:09 PM
  • Actually the login info including computer name is logged to the security log of the DC that handled the login. This is the default behavior for DCs.  What is not available is local account logons for member systems.

    With event log subscriptions we can forward all logon records from all systems to a central system and extract that to a database for reporting.


    Monday, November 14, 2016 3:22 PM