...hopefully some useful VMware related stuff

Script to identify Inactive Active Directory User Accounts for an AD 2003 domain

06/07/2010 21:00

Get all Active Directory users in the domain, pick out firstly User accounts which have never logged in and second get the last logged in time for each account which have logged in and report back any accounts which haven't logged in within the last 31 days.

Couldn't find PowerShell cmdlets for Active Directory 2003 and didn't want to install anything more than PowerShell on the servers, so I used a combination of standard tools 'dsget', 'dsquery' and also a VB script from https://www.rlmueller.net/Last%20Logon.htm

I created a couple of functions, first to strip the CN name from a Distinguished Name and second to get the domain name from the distinguished name so I could run this at multiple domains and yet the report could be distinguished by the domain name.

I also used a couple of functions to strip out a regex from the original CSV file from https://www.huddledmasses.org

 

The result is two email reports:

 

User accounts which have Never logged in:

User accounts which haven't logged in within the last 31 days:

 

Download the script HERE and is included below:

 

# Active Directory User Logon Statistics Email Report (AD 2003+)
# https://www.a2-alpha.co.uk
# Requires: dsget, dsquery, lastlogon.vbs (https://www.rlmueller.net/Last%20Logon.htm)
# lastlogon.vbs should be in the root of C:\ or update the script!
# Uses some import functions from: https://huddledmasses.org/powershell-convert-delimiters-import-tab-delimited-text/
# Version 1.0 - Original Script
# Version 1.1 - Added Time Status
# Version 1.2 - Added Error Checking
# 20100706
# Current Version 1.2
# Feedback to dan@a2-alpha.co.uk would be great!

##################################################

# PREREQUISITES

# Requires: dsget, dsquery, lastlogon.vbs (https://www.rlmueller.net/Last%20Logon.htm)
# lastlogon.vbs should be in the root of C:\ or update the script!
# Uses some import functions from: https://huddledmasses.org/powershell-convert-delimiters-import-tab-delimited-text/

##################################################

# DESCRIPTION

# Queries Active Directory for all users last logon time using the lastlogon.vbs script.
# This is then imported into a PowerShell variable
# Each user is queried using dsquery and dsget for their display name
# Two emails result, the first a list of users who have never logged in and
# a list of all users who have not logged in during the period specified (31 days at the moment)
# whos accounts are enabled.
# Use this script to check this information and disable any unused user accounts for security of the environment.

##################################################

# VARIABLES

$recipient = "user@domain.com"
$sender = "reporting@domain.com"
$smtpserver = "EXCHANGE01"
$daystocheck = 31

##################################################

$ErrorActionPreference = "SilentlyContinue"
$Error.Clear()
dsquery > c:\temp.txt
If($Error -like "*dsquery*")
{
    Clear
    ""
    "dsquery was not found on this machine, please check you are running this on a domain member server"
    ""
}
Else
{
    $Error.Clear()
    dsget > c:\temp.txt
    If($Error -like "*dsget*")
    {
        Clear
        ""
        "dsget was not found on this machine, please check you are running this on a domain member server"
        ""
    }
    Else
    {
        $Error.Clear()
        if(!(test-path -path "C:\LastLogon.vbs"))
        {
        Clear
        ""
        "The LastLogon.vbs Script was not in the default location, please check (C:\LastLogon.vbs)"
        ""
        }
        Else
        {
        Clear
        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Prerequisites optimal"

        ##################################################

        # FUNCTIONS

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Loading Functions"

        Function Convert-Delimiter([regex]$from,[string]$to)
        {
          process
          {
            $_ = $_ -replace "(?:`"((?:(?:[^`"]|`"`"))+)(?:`"$from|`"`$))|(?:((?:.(?!$from))*.)(?:$from|`$))","Þ`$1`$2Þ$to"
            $_ = $_ -replace "Þ(?:$to|Þ)?`$","Þ"
            $_ = $_ -replace "`"`"","`"" -replace "`"","`"`""
            $_ = $_ -replace "Þ((?:[^Þ`"](?!$to))+)Þ($to|`$)","`$1`$2"
            $_ = $_ -replace "Þ","`"" -replace "Þ","`""
            $_
          }
        }

        Function Import-Delimited([regex]$delimiter=",", [string]$PsPath="")
        {
          begin{
            $script:tmp = [IO.Path]::GetTempFileName()
            write-debug "Using tempfile $($script:tmp)"
           
            Function Import-String([string]$inputString){
              if($inputString.Length -gt 0 ) {
              write-debug "Importing $inputString"
              if(($inputString -as [IO.FileInfo]).Exists) {
                Get-Content $inputString | Convert-Delimiter $delimiter "," | Add-Content $script:tmp
              } elseif( ((Join-Path $pwd $inputString) -as [IO.FileInfo]).Exists) {
                Get-Content (Join-Path $pwd $inputString) | Convert-Delimiter $delimiter "," | Add-Content $script:tmp
              } else {
                $inputString | Convert-Delimiter  $delimiter "," | Add-Content $script:tmp
              }
              } else {
                write-debug "Nothing to Import"
              }
            }
           
            Import-String $PsPath
          }
         
          process{
            Import-String $_
          }
          end
          {
            Import-Csv $script:tmp
          }
        }

        Function Get-CName([string]$DistName)
        # Convert Distinguished name to CN
        # https://www.a2-alpha.co.uk
        # 20100705
        {
          process
          {
            $_ = $DistName.Split(",")
            $_ = $_[0]
            $_.Substring(3)
          }
        }

        function Get-DC([string]$DistName)
        # Get Domain from Distinguished Name
        # https://www.a2-alpha.co.uk
        # 20100705
        {
            Process
            {
                $_ = $DistName.Split(",")
                $Count = 0
                ForEach($line in $_)
                {
                    If($line -like "*DC*")
                    {
                        $Count++
                    }
                }
                $LineTotal = $_.Count
                If($Count -gt 3)
                {
                    "Unable to Determine Domain"
                }
                ElseIf($Count -eq 3)
                {
                    $LastLine = ($_.Count)-1
                    $LastLine1 = ($_.Count)-2
                    $LastLine2 = ($_.Count)-3
                    $D1 = ($_[$LastLine]).Substring(3)
                    $D2 = ($_[$LastLine1]).Substring(3)
                    $D3 = ($_[$LastLine2]).Substring(3)
                    "$D3.$D2.$D1"
                }
                ElseIf($Count -eq 2)
                {
                    $LastLine = ($_.Count)-1
                    $LastLine1 = ($_.Count)-2
                    $D1 = ($_[$LastLine]).Substring(3)
                    $D2 = ($_[$LastLine1]).Substring(3)
                    "$D2.$D1"
                }
                Else
                {
                    "Unable to Determine Domain"
                }
            }
        }


        ##################################################

        # CREATING THE USER OBJECT AND INTERPRETING DATA

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Importing AD User Data"

        $userdata = @()
        echo "Name;LastLogon" > c:\lastlogontemp.csv
        cscript //nologo c:\LastLogon.vbs >> c:\lastlogontemp.csv
        Get-content c:\lastlogontemp.csv | convert-delimiter ";" "," | set-content c:\lastlogon.csv
        $userdata += import-csv c:\lastlogon.csv
        $never = $userdata | select Name, LastLogon | where {$_.LastLogon -like "Never"}

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Building First User Object"

        $NeverRep = @()
        ForEach($usrNev in $never)
        {
            $NeverObj = "" | Select Name, LastLogon, DisplayName
            $NeverObj.Name = $usrNev.Name
            $NeverObj.LastLogon = $usrNev.LastLogon
            $NeverObj.DisplayName = Get-CName $usrNev.Name
            $NeverRep += $NeverObj
        }
        $loggedinusers = @()
        $loggedin = $userdata | select Name, LastLogon | where {$_.LastLogon -notlike "Never"}

        $DomainbeingChecked = Get-DC (($loggedin[0]).Name)

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Building Second User Object"

        ForEach($user in $loggedin)
        {
            $disabled = dsget user $user.Name -disabled
            $loggedinObj = "" | select Name, LastLogon, DisplayName, Disabled, "Last $daystocheck Days"
            $loggedinObj.Name = $user.Name
            [datetime]$lastlogon = (get-date -UFormat "%m/%d/%Y %T"($user.LastLogon))
            $loggedinObj.LastLogon = $lastlogon
            $loggedinObj.DisplayName = Get-CName $user.Name
            If($disabled -like "*no*")
            {
                $loggedinObj.Disabled = "No"
            }
            Else
            {
                $loggedinObj.Disabled = "Yes"
            }
            $loggedinUsers += $loggedinObj
           
            [datetime]$checkdate = (get-date((get-date).AddDays(-$daystocheck)))
           
            If($loggedinObj.LastLogon -gt ($checkdate))
            {
                $loggedinObj."Last $daystocheck Days" = "Yes"
            }
            Else
            {
                $loggedinObj."Last $daystocheck Days" = "No"
            }
        }

        ##################################################

        # REPORTING

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Creating Report"

        $loggedinUsers = $loggedinUsers
        $report = $loggedinUsers | sort LastLogon | select DisplayName, "Last $daystocheck Days", LastLogon, Disabled | where {$_."Last $daystocheck Days" -like "No" -and $_.Disabled -like "No"}

        ##################################################

        # EMAILING

        $body = $report | ft -AutoSize

        if(!$body)
        {
            $body = "No Data to Report"
        }

        $body = $body | out-string

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Emailing to $recipient"

        Send-MailMessage -to "$recipient" -From "$sender" -Subject "$DomainbeingChecked - Inactive Users" -SmtpServer "$smtpserver" -Body $body

        $Never = $NeverRep | Select DisplayName, LastLogon | Out-String

        Send-MailMessage -to "$recipient" -From "$sender" -Subject "$DomainbeingChecked - Users Never Logged In" -SmtpServer "$smtpserver" -Body $Never

        ##################################################

        # TIDY UP TEMP FILES

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Deleting Temp Files"

        Remove-Item c:\lastlogontemp.csv
        Remove-Item c:\lastlogon.csv
        Remove-Item c:\temp.txt

        ##################################################

        # END OF SCRIPT

        $currenttime = get-date -UFormat "%T"
        "$currenttime ... Script Ends"

        ##################################################
        }
    }
}

 

Script to identify Inactive Active Directory User Accounts for an AD 2003 domain

Date: 13/08/2016

By: Pharmd123

Subject: Good info

Very nice site!

Date: 12/08/2016

By: Smithd47

Subject: John

Actually its referred to as Search engine optimization that when i search for this post I found this web page at the top of all web pages in search engine. ckffcdcgeegaafag

Date: 09/01/2015

By: KennethDob

Subject:

https://best-golf-putter.com/wp-includes/123/2015010401084028vz.html
https://marketingorama.com/wp-includes/123/20150104011049bx28.html
[URL=https://www.caracasvirtual.com/wp-includes/123/20150104050349vh50.html]p ゲラルディーニ 赤 め[/URL]
[URL=https://www.bloggingformoney.co.uk/wp-includes/123/20150104050822ml07.html]gherardini alessandro[/URL]
https://howtotreatdiabetes.net/wp-includes/123/2015010722425000.html
https://boardmansarttheatre.com/wp-includes/110/2015010622593263.html
https://www.make10kamonth.com/wp-includes/123/2015010401144416zl.html
https://marketingorama.com/wp-includes/123/20150104010849wk36.html
https://www.BaltimoreSeomanagement.com/wp-includes/123/2015010401103945ci.html
https://www.beforex.info/wp-includes/123/20150104011051us11.html
https://mercadeointeligente.info/wpsitio3/wp-includes/123/20150104010630qy03.html
https://aceappetitecontrolenergy.com/wp-includes/110/2015010623180194.html
https://best-golf-putter.com/wp-includes/123/2015010401424825qi.html
https://www.caracasvirtual.com/wp-includes/123/20150104010848vj09.html
https://www.bloggingformoney.co.uk/wp-includes/123/20150104010820zx64.html
[URL=https://remedypanicattack.com/wp-includes/123/2015010401134144my.html]オークリー マイルストーン[/URL]
https://srsindia.org/123/2015010501405958.html
https://BACKYARDLANDSCAPING.US/wp-includes/123/2015010401130903ja.html
https://aceappetitecontrolenergy.com/wp-includes/110/2015010623023689.html
https://magemuskler.com/wp-includes/123/2015010722425044.html
https://www.treatment-hemorrhoid.com/wp-includes/123/20150104010849na96.html
https://theportableairconditionerguide.com/wp-includes/123/2015010421500950.html
https://exercisesfortheelderly.org/wp-includes/110/2015010623020659.html
[URL=https://BACKYARDLANDSCAPING.US/wp-includes/123/2015010401130903ja.html]オークリー 宮里藍[/URL]
https://www.totallydoggytraining.com/wp-includes/123/2015010401110886iv.html
https://beateczemanow.reviewmix.com/wp-includes/110/2015010623125694.html
https://annonces-quebec.com/wp-includes/123/2015010401410080hv.html
https://www.ultimatefares.net/wp-includes/123/2015010401131094td.html
https://selfimprovementselfhelp.com/wp-includes/123/20150104011156cn79.html
https://www.make10kamonth.com/wp-includes/123/2015010401114056lh.html
https://selimgrotto.com/110/2015010623115874.html
https://just-plain-wrong.com/wp-includes/123/2015010723030400.html
https://fast-cashloans.org/wp-includes/123/2015010401365047ux.html
https://hemorrhoids-bleeding.com/wp-includes/dunhill/2015010423352565.html
https://styrofoamglue.net/wp-includes/123/2015010421501277.html
https://www.solarpowerforum.com/wp-includes/123/2015010401114067kj.html
https://theplazachurch.com/911/2015010612463244.html
https://www.solar4-energy.com/wp-includes/123/2015010401120985jf.html
[URL=https://www.thegeneraldesign.co/wp-includes/123/20150104050853ki90.html]gherardini camicie[/URL]
https://www.backpainas.com/wp-includes/123/2015010401432719is.html
https://healthguideweb.net/wp-includes/123/2015010401414085wm.html
[URL=https://www.forextradersreviews.net/wp-includes/123/20150104050853sy35.html]ゲラルディーニ バッグ 重さ[/URL]
https://boardmansarttheatre.com/wp-includes/110/2015010623190233.html
https://howtobealoser.net/wp-includes/123/2015010722425088.html
https://plumbers-goldcoast.com/articles/wp-includes/123/2015010401454729zg.html
https://hemorrhoids-bleeding.com/wp-includes/123/2015010401114099qv.html
https://www.mainephotopro.com/wp-includes/123/2015010401123904az.html
https://salempersonalinjuryattorney.com/wp-includes/123/2015010419011594.html
https://kindlebookstoresite.com/wp-includes/123/2015010421500435.html
https://oroinversiongalicia.secretosexito.com/wp-includes/dunhill/2015010423360201.html

Date: 16/01/2014

By: qbjdsrlmi

Subject: sdwhz


Date: 15/01/2014

By: tauqcfbin

Subject: syntl


Date: 13/01/2014

By: ecclfnpfp

Subject: akpvb


Date: 09/01/2014

By: fxzkeglnm

Subject: omyhu


Date: 03/01/2014

By: wilmfajzs

Subject: aqioe


Date: 02/01/2014

By: oukzkoxkh

Subject: rethd


Date: 31/12/2013

By: jlhuzhbzl

Subject: dafyt


Search site