In this post I will show you how to list all AD users and date of last logon for that accounts. This command will help to find out accounts which are not needed anymore and should be disabled or removed.
I will use here Get-ADUser cmdlet. Output will be limited to have accounts with enabled status.
1 |
Get-ADUser -Filter { Enabled -eq $true } -Properties GivenName, surname, EmailAddress, LastLogonDate | select GivenName, surname, EmailAddress, LastLogonDate | Sort lastlogondate | ft -AutoSize |
Result is like below:
If you want you can export results to csv file. At the end of command need to add:
| Out-File lastLogonDate.csv