Script for finding servers that are not logged on

This topic contains 2 replies, has 3 voices, and was last updated by  Jeremy Murrah 1 year, 5 months ago.

  • Author
  • #60937


    Hello! Could someone please help me with a script for finding servers that has not been accessed during the last 6 months?
    I must be able to exclude service users. There are so many servers in my company so we will figure this out. Appreciate any help.

  • #60939

    Daniel Krebs

    Using the Search-ADAccount cmdlets which is part of the Active Directory PowerSHell module installed via the Remote Server Administration Tools you can discover inactive computer and user accounts.

    Import-Module ActiveDirectory
    # Generic call using defaults
    Search-ADAccount -AccountInactive -ComputersOnly
    # All computer accounts that have no activity for the last 365 days
    Search-ADAccount -AccountInactive -ComputersOnly -TimeSpan 365.00:00:00


  • #60940

    Jeremy Murrah

    Not sure if this is what you're after, but if you're looking for interactive logons by users, as opposed to authentications by service accounts you could use the user profile information. Assuming you have a list of servers to loop through you could do something like this to get the age of the most recently accessed user profile. Of course this doesn't take into account active and valid servers doing server stuff with no user logons, but it's something:

    $Scriptblock = {
        $lastaccessdate = Get-CimInstance win32_userprofile | sort-object -property lastusetime -descending | select -first 1 | select -expandproperty lastusetime
        $ServerAccessAge = $(get-date) - $lastaccessdate
        write-output $ServerAccessAge
    $servercred = get-credential
    $serverlist = get-content c:\scripts\serverlist.txt
    foreach ($server in $Serverlist){
        $ServerAccessAge = invoke-command -ComputerName $Server -Credential $servercred -ScriptBlock $Scriptblock
        if ($ServerAccessAge.days -gt 90){
            new-object psobject -Property @{
                Server = $Server
                Age = $ServerAccessAge


You must be logged in to reply to this topic.