Service accounts

Welcome Forums General PowerShell Q&A Service accounts

This topic contains 2 replies, has 3 voices, and was last updated by

 
Participant
2 months ago.

  • Author
    Posts
  • #114312

    Participant
    Points: 0
    Rank: Member

    I run this and get nothing in my csv, need to loop all five of my domain controllers to get proper last logon timestamp for service accounts in specific OUs:
    Import-Module ActiveDirectory

    function Get-ADUsersLastLogon()
    {
    $dcs = Get-ADDomainController -Filter {Name -like "*"}
    $users = Get-ADUser -Filter * -SearchBase "OU=Service Accounts,OU=SSG,DC=ssg,DC=domainname,DC=com"
    $time = 0
    $exportFilePath = "c:lastLogon.csv"
    $columns = "name,username,datetime"

    Out-File -filepath $exportFilePath -force -InputObject $columns

    foreach($user in $users)
    {
    foreach($dc in $dcs)
    {
    $hostname = $dc.HostName
    $currentUser = Get-ADUser $user.SamAccountName | Get-ADObject -Server $hostname -Properties lastLogon

    if($currentUser.LastLogon -gt $time)
    {
    $time = $currentUser.LastLogon
    }
    }

    $dt = [DateTime]::FromFileTime($time)
    $row = $user.Name+","+$user.SamAccountName+","+$dt

    Out-File -filepath $exportFilePath -append -noclobber -InputObject $row

    $time = 0
    }
    }

    Get-ADUsersLastLogon | Export-CSV C:\SSGServiceAccounts\LastLogonReport.csv -NoTypeInformation

  • #114351
    Jon

    Participant
    Points: 37
    Rank: Member

    What happened to this post?

    Clean up Service accounts in AD

    Please please format your code. Above every post in bold has instructions how to do this.

    Have you stepped through your code line by line and see where a variable fails to populate? You have a lot going on here, and haven't given us much information on where you're running into issues other than "it's not working"

  • #114442

    Participant
    Points: 321
    Helping Hand
    Rank: Contributor

    Why are you serializing the file data...

    Out-File -filepath $exportFilePath -append -noclobber -InputObject $row 
    

    … then exporting here?

    Get-ADUsersLastLogon | 
    Export-CSV 'C:\SSGServiceAccounts\LastLogonReport.csv' -NoTypeInformation
    

    You give a file name of …

    $exportFilePath = "c:lastLogon.csv"

    … then change that file name here...

    Export-CSV 'C:\temp\LastLogonReport.csv' -NoTypeInformation 
    

    ...why?

    It's even ion a different path. Again, why?

    This is really not a thing. It's one or the other.

    You don't need this at all...

     
    | Export-CSV C:\SSGServiceAccounts\LastLogonReport.csv -NoTypeInformation 
    

    Since you already created the file in the code.

    This is why, Jon stated...

    Have you stepped through your code line by line and see where a variable fails to populate?

    … as I say all the time.

    If you don't approach you script one step at a time, yo have no idea in most cases if what you are doing is ever going to work in the end. Each step by itself must be successful.

You must be logged in to reply to this topic.