Powershell Query - AD User groups

Associate
Joined
2 Aug 2005
Posts
588
Hi,

I'm trying to write a PowerShell query which finds all Active Directory user groups matching a certain string, finds the list of all members, and their last logon dates; however, I'm struggling and would appreciate any help.

Code:
Import-Module ActiveDirectory

$Groups = (Get-AdGroup -filter * | Where {$_.name -like "vpn*"} | select name -expandproperty name)


$Table = @()

$Record = [ordered]@{
"Group Name" = ""
"Name" = ""
"Username" = ""
"LastLogonDate" = ""

}



Foreach ($Group in $Groups)
{

$Arrayofmembers = Get-ADGroupMember -identity $Group -Recursive | select name,samaccountname, lastlogondate

foreach ($Member in $Arrayofmembers)
{
$Record."Group Name" = $Group
$Record."Name" = $Member.name
$Record."UserName" = $Member.samaccountname
$Record."LastLogonDate" = $Member.lastlogondate
$objRecord = New-Object PSObject -property $Record
$Table += $objrecord

}

}

$Table | export-csv C:\users\user\Documents\vpngroupoutput.csv -NoTypeInformation

The issue I'm having is line 21:
Code:
Get-ADGroupMember -identity $Group -Recursive | select name,samaccountname, lastlogondate

because Get-ADGroupMember can't use the lastlogondate object. Can anyone help, or does anyone have a solution to this?

Thanks

Sam
 
Soldato
Joined
15 Sep 2009
Posts
2,876
Location
Manchester
You can just pipe a Get-ADUser in there so that you can select the LastLogonDate:

Code:
Get-ADUser -Properties LastLogonDate | Select SamAccountName,LastLogonDate

So it would be:

Code:
$Arrayofmembers = Get-ADGroupMember -identity $Group -Recursive | Get-ADUser -Properties LastLogonDate | Select Name,SamAccountName,LastLogonDate

That should work but I haven't tested.
 
Associate
OP
Joined
2 Aug 2005
Posts
588
@Throrik Sadly not:

Code:
Get-ADUser : Directory object not found
At C:\Users\User\Desktop\ADGroups - last logon.ps1:21 char:67
+ ... tity $Group -Recursive | Get-ADUser -Properties LastLogonDate | Selec ...
+                              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (:ADUser) [Get-ADUser], ADIdentityNotFoundException
    + FullyQualifiedErrorId : ActiveDirectoryCmdlet:Microsoft.ActiveDirectory.Management.ADIdentityNotFoundException,Microsoft.ActiveDirectory.Management.Commands.GetADUser
 
Soldato
Joined
18 Oct 2002
Posts
8,116
Location
The Land of Roundabouts
Change line 30 to something like
Code:
$Record."LastLogonDate" = (Get-ADUser $Record."UserName" -Properties Lastlogondate | Select-Object -ExpandProperty lastlogondate)


Just to point out, though, the lastlogondate is somewhat unreliable as a decent source for auditing; if you want a more precise date you will need the tool shared in the Powershell scripts post :)
 
Associate
OP
Joined
2 Aug 2005
Posts
588
@LizardKing This is something I'd looked into doing myself last night, but you get the following error with that:
Code:
Get-ADUser : Cannot validate argument on parameter 'Identity'. The argument is null. Provide a valid value for the argument, and then try running the command again.
At C:\Users\User\Desktop\ADGroups - last logon.ps1:28 char:39
+ $Record."LastLogonDate" = (Get-ADUser $Record."UserName" -Properties  ...
+                                       ~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Get-ADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.ActiveDirectory.Management.Commands.GetADUser
 
Associate
OP
Joined
2 Aug 2005
Posts
588
Managed to get it working, with the following:

Code:
Import-Module ActiveDirectory

# All groups whose name starts with "vpn"
$Groups = (Get-AdGroup -filter * | Where {$_.name -like "vpn*"} | select name -expandproperty name)

$Table = @()

# Template for one output row
$Record = [ordered]@{
    "Group Name" = ""
    "Name" = ""
    "Username" = ""
    "LastLogonDate" = ""
}

Foreach ($Group in $Groups)
{
    # Members that Get-ADUser cannot resolve are skipped silently (-ErrorAction silentlycontinue)
    Get-ADGroupMember -identity $($group.name) -Recursive | Get-ADUser -Property LastLogonDate -ErrorAction silentlycontinue | ForEach {
        $Record."Group Name" = $($Group.name)
        $Record."Name" = $_.name
        $Record."UserName" = $_.samaccountname
        $Record."LastLogonDate" = $_.LastLogonDate
        # New-Object copies the current values, so the template can be reused for the next member
        $objRecord = New-Object PSObject -property $Record
        $Table += $objrecord
    }
}

$Table | export-csv C:\Users\sUsers\Documents\VPNUsersExport.csv
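
On the caveat raised in the thread about LastLogonDate and auditing: LastLogonDate is derived from lastLogonTimestamp, which is replicated but by default only refreshed when the stored value is roughly 9 to 14 days old, whereas lastLogon is exact but stored separately on each domain controller. The following is an added example, not code from any poster in this thread and not the tool mentioned above; it reads lastLogon from every domain controller and keeps the newest value, and it filters to user objects instead of silencing errors. The output file name is an assumption.

```powershell
Import-Module ActiveDirectory

# Same "vpn*" name pattern as the thread, filtered server-side instead of with Where-Object.
$Groups = Get-ADGroup -Filter 'Name -like "vpn*"'

# Every domain controller in the current domain; lastLogon is not replicated between them.
$DCs = (Get-ADDomainController -Filter *).HostName

$Table = foreach ($Group in $Groups) {
    # Keep only user objects so computers and other member types never reach Get-ADUser.
    $Members = Get-ADGroupMember -Identity $Group -Recursive |
        Where-Object { $_.objectClass -eq 'user' }

    foreach ($Member in $Members) {
        $Newest = [long]0
        foreach ($DC in $DCs) {
            try {
                $u = Get-ADUser -Identity $Member.distinguishedName -Server $DC `
                        -Properties lastLogon -ErrorAction Stop
                if ($u.lastLogon -gt $Newest) { $Newest = $u.lastLogon }
            } catch {
                # Surfaces unreachable DCs and members from other domains instead of hiding them.
                Write-Warning "Could not read $($Member.SamAccountName) from ${DC}: $($_.Exception.Message)"
            }
        }

        [pscustomobject]@{
            'Group Name' = $Group.Name
            'Name'       = $Member.name
            'Username'   = $Member.SamAccountName
            # lastLogon is a FILETIME integer; 0 or empty means no logon recorded on any DC queried.
            'LastLogon'  = if ($Newest -gt 0) { [DateTime]::FromFileTime($Newest) } else { $null }
        }
    }
}

# Assumed output path (current directory).
$Table | Export-Csv -Path .\VPNUsersLastLogon.csv -NoTypeInformation
```

An empty LastLogon column for an account that still sits in a VPN group marks it for review, provided no warning was logged for that account.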
 