Script que lê o atributo lastlogon de todos os DCs do domínio.
Importante: o atributo lastlogon não é replicado entre os DCs; por isso o script consulta cada DC e gera um CSV (arquivo separado por ponto e vírgula) contendo sAMAccountName, Name, whenCreated e lastlogon (o verdadeiro, isto é, a data mais recente encontrada entre todos os DCs).
Este script em PowerShell foi testado nas seguintes plataformas
Windows 10 | Sim |
Windows Server 2012 | Sim |
Windows Server 2012 R2 | Sim |
Windows Server 2008 R2 | Sim |
Windows Server 2008 | Sim |
Windows Server 2003 | Sim |
Windows 8 | Sim |
Windows 7 | Sim |
Para executar este script, você deve iniciar o PowerShell com privilégios de administrador, e sua estação deve estar no domínio do Active Directory.
Copiar o script e executar no PowerShell com privilégios de administrador.
****************************************************************************
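# Reads the lastLogon attribute of every user from each domain controller of
# the current domain and exports one CSV row per account holding the most
# recent value found. lastLogon is not replicated between DCs, so every DC is
# queried separately and the results are merged by sAMAccountName.

# Output CSV path, kept exactly as published.
# NOTE(review): "astlogon" looks like a typo for "lastlogon" - confirm.
# The report lists every account together with its last logon; keep the file
# in a location with restricted access.
$FileOut = "C:\astlogon.csv"
$strFilter = "(&(objectCategory=person)(objectClass=user))"
$colProplist = "name","sAMAccountName","lastlogon","whenCreated","useraccountcontrol"

# ADS_UF_ACCOUNTDISABLE bit of userAccountControl. Testing the bit (instead of
# comparing with the single value 514) also catches disabled accounts that
# carry additional flags, e.g. "password never expires".
$UacAccountDisable = 0x2

# Result rows in first-seen order, plus an index by sAMAccountName so each
# lookup does not rescan the whole list. Hashtable keys are case-insensitive,
# like the -eq comparison used originally.
$colUsuarios = @()
$idxUsuarios = @{}

# List each Domain Controller
$StrDCs = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain() |
    ForEach-Object { $_.DomainControllers | ForEach-Object { $_.Name } }

foreach ($StrDC in $StrDCs) {
    # Bind to the DC by its short host name (first label of the FQDN).
    $StrEachDC = "LDAP://" + $StrDC.Split(".")[0]
    $objDomain = New-Object System.DirectoryServices.DirectoryEntry $StrEachDC
    $objSearcher = New-Object System.DirectoryServices.DirectorySearcher
    $objSearcher.SearchRoot = $objDomain
    $objSearcher.PageSize = 1000
    $objSearcher.Filter = $strFilter
    $objSearcher.SearchScope = "Subtree"
    foreach ($i in $colProplist) { $objSearcher.PropertiesToLoad.Add($i) | Out-Null }

    # Reset per DC: a failed query must not re-process the previous DC's
    # results under this DC's name.
    $colResults = $null
    try {
        $colResults = $objSearcher.FindAll()

        foreach ($objResult in $colResults) {
            $User = $objResult.Properties

            # Reset per user. Without this, an account with no lastLogon on
            # this DC silently inherits the previous account's timestamp and
            # a dormant account looks recently used in the report.
            $dtLogon = $null
            if ($User.lastlogon.Count -gt 0) {
                $ftLogon = [Int64]$User.lastlogon[0]
                # 0 means "never logged on at this DC"; leave it empty rather
                # than reporting the FILETIME epoch (year 1601).
                if ($ftLogon -gt 0) { $dtLogon = [DateTime]::FromFileTime($ftLogon) }
            }

            $dtCreated = $User.whencreated[0]
            $Account = $User.samaccountname[0]
            $Name = $User.name[0]

            $uac = 0
            if ($User.useraccountcontrol.Count -gt 0) { $uac = [int]$User.useraccountcontrol[0] }
            if (($uac -band $UacAccountDisable) -ne 0) { $Habilitado = "Não" } else { $Habilitado = "Sim" }

            # Find the row already created for this account, if any.
            $objUsuario = $idxUsuarios[$Account]
            if ($null -eq $objUsuario) {
                # Name the DC only when it actually reported a logon.
                $srvLogon = $null
                if ($null -ne $dtLogon) { $srvLogon = $StrEachDC }

                # Add-Member keeps the CSV column order stable.
                $objUsuario = New-Object System.Object
                $objUsuario | Add-Member -type NoteProperty -name "samAccountname" -value $Account
                $objUsuario | Add-Member -type NoteProperty -name "name" -value $Name
                $objUsuario | Add-Member -type NoteProperty -name "whencreated" -value $dtCreated
                $objUsuario | Add-Member -type NoteProperty -name "lastlogon" -value $dtLogon
                $objUsuario | Add-Member -type NoteProperty -name "lastlogon server" -value $srvLogon
                $objUsuario | Add-Member -type NoteProperty -name "Enabled" -value $Habilitado
                $colUsuarios += $objUsuario
                $idxUsuarios[$Account] = $objUsuario
            }
            elseif ($null -ne $dtLogon -and
                    ($null -eq $objUsuario.lastlogon -or $objUsuario.lastlogon -lt $dtLogon)) {
                # This DC saw a more recent logon than any DC processed so far.
                $objUsuario.lastlogon = $dtLogon
                $objUsuario."lastlogon server" = $StrEachDC
            }
        }
    }
    catch {
        # With paging enabled the query can also fail during enumeration.
        # A DC that could not be read means the reported lastlogon may be
        # older than the real one, so make the gap visible instead of hiding it.
        Write-Warning "Could not query $StrEachDC - lastlogon values may be incomplete: $($_.Exception.Message)"
    }
    finally {
        # SearchResultCollection holds unmanaged resources that are only
        # released by Dispose().
        if ($null -ne $colResults) { $colResults.Dispose() }
        $objSearcher.Dispose()
        $objDomain.Dispose()
    }
}

# Write File
Remove-Item $FileOut -Force -ErrorAction SilentlyContinue
$colUsuarios | Export-Csv -Path $FileOut -NoTypeInformation -Encoding Default -Delimiter ";"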
*****************************************************************************