Active Directory Last Logon Report Tool

Sharing buttons:

in this video we will look at the Active

Directory last logon report tool this

tool will report users last logon date

and time when a user authenticates to

Active Directory it will put a timestamp

and an attribute in Active Directory to

get the true last logon date you will

have to query every single domain

controller because when that user

dedicates it will put that timestamp on

the last logon attribute in that account

and this this attribute does not get

replicated so you'll have to query this

for every domain controller to get the

true last logon date for every account

so doing that manually would be a pain

in the butt so this tool will go out

query all over to my controllers and

find that last logon date and report it

back so you can choose to run this on

all users a single users or all users in

inter know you I'll go ahead and run

this on all accounts and it's completed

and then I could filter on any of these

columns so if I want to filter on you

know the last logon date and if there's

no value reported back that means the

accounts never been logged into so this

this tool will help you identify

accounts that may not be active or you

know valid accounts or accounts to just

haven't been used in in a very long time

so you see here are all the accounts and

it shows the last DC they've logged into

a lot of these are just on DC one but

you can see in some of these the last

logon date was recorded on another

domain controller

so let's pulled that back

so you can see you can do this on all

users if I wanted to do a single user I

can just type in their account name hit

run now I've got that last logon date

for that user I can do all users from an

oh you so let me just do all of my all

the users in this test oh you and their

reports back all of those users and then

you can you can export any of this to

CSV or HTML that may be used for

historical reports or reporting to an

auditor compliance reasons

let's pull that up so I've exported all

you have to do is just select the report

you want to run let's say that to my

desktop it run

you can see its export of that so let me

open that up so here is the export to

excel then you can you can do whatever

you want with this in Excel create a

report save it whatever again this tool

is very handy again it's it's hard to go

through it would be a headache to go

through all the domain controllers for

every user to pull back that last logon

date so you can use this for I like to

use this for identifying accounts that

have not been used well often get asked

by auditors compliance reasons you know

if we're doing a check on Active

Directory cleaning up accounts so you

can see these accounts right here

they've not been used in a few months

now so maybe they're no longer valid

counts so I could go ahead and disable

those accounts and these accounts you

know which these are system accounts you

know I wouldn't want to mess with those

but you know say it was this test user

account and this fill was blank that

would mean this accounts never been

logged into logged into so I may want to

disable that account so that's pretty

much it for this for this video when you

download this tool just run this batch

file it will run it the batch file will

execute the PSone file which includes

the the GUI let me run this here so

download it and then just run the ad

last logon batch file so this tool is

just a PowerShell script with a GUI

front-end to it and it does require the

are set tools so make sure you have that

installed and then you can you can run

this from anywhere you don't have to

install on the tool anywhere you can

just copy this folder the floor that you

extract you can copy that anywhere your

desktop do you drive

anywhere and then run that batch file to

open up this tool that's pretty much it

if you have questions just leave me a

comment thanks