I am trying to clean up my AD OUs and have some unpingable computers. So I was wondering if there was a command I could run to find out when the last time those computers last authenticated to the network.
Asked
Active
Viewed 114 times
0
-
1Powershell? try http://community.spiceworks.com/scripts/show_download/1097 – Logman Sep 04 '14 at 16:10
1 Answers
0
Not an exact answer, but I've been down this path, and there are PowerShell and VBS ways to get this info (and perhaps someone will post those answers as well), but in the end I found using a utility that was designed for the task was much easier.
To that end, get yourself a copy of AD Tidy. It can find user and machine accounts that haven't logged into AD for X amount of time, and optionally move them to a different OU (etc.).
It has a Free and a paid "Standard" version. I'm not sure what is in the Standard version that's not in the Free one, but for finding inactive accounts by age and moving them to a new OU, the Free version (currently using 2.1.7) works perfectly fine from my experience.
Note: I have no relation to the software/company other than I use the free version of their product. :)
Ƭᴇcʜιᴇ007
- 112,807