Everyone i need some help i ran a report i built to pull all the necessary ad information for users in our OU's while we are doing a re-org of our ad structure. My CTO wants a last login for all accounts. Does anyone have a script to read samaccount names from a notepad/csv file to pull last login so that i can then export that or print it to a file on my c:\ and just reorganize it?

asked 11/14/2011 12:10

arsenal22's gravatar image

arsenal22 ♦♦

6 Answers:
I'll let the powershell guys chime in on the file question

If you quickly need it adfind can do it too

adfind -default -f "&(objectcategory=person)(objectclass=user)" samaccountname lastlogontimestamp -tdc -csv -nodn > c:\CTOReport.csv





mkline71's gravatar image


If you have the quest active roles setup:

get-qaduser -enabled | select samaccountname,lastlogon | export-csv <filename>
Will export the username and last logon time for each user in AD to a csv.

If you have Windows 2008 R2, you can use the native AD Powershell, you can do it with some modifications. Unfortunately, the native cmdlets don't format the time stamp from LDAP to human readable for you with the Native AD cmdlets, so I recommend using the quest cmdlets (Makes things a lot easier).
If your manager wants the lastlogon for all users, this is the easiest way to get it. You wouldn't need to read a CSV in to get it done.

answered 2011-11-14 at 08:14:21

acbrown2010's gravatar image


OK, so I would provide Quest PS script for that. Create CSV file with column named "login" and put there all sAMAccountNames, save on C-Drive as users.csv

Then use this syntax

Import-CSV c:\users.csv | %{ Get-QADUser $_.login | Select sAMAccountName,givenName,sn,lastLogonTimestamp } | Export-CSV c:\logon.csv


answered 2011-11-14 at 09:47:18

iSiek's gravatar image


That worked great but the problem is the last logon,lastlogintimestamp, and lastlogondate all returned with no values.  

Import-CSV "c:\temp\employee.csv" | %{ Get-ADUser -identity $_.login -Properties *} | Select-object SamAccountName,givenName,lastLogon,LastLogonDate | Export-CSV "c:\temp\output2.csv"


answered 2011-11-14 at 12:16:46

arsenal22's gravatar image


Hi Arsenal22,

What is the functional level of your domain? 

If the functional level is less than Windows 2003 then lastlogontimestamp will be blank.  The lastlogon attribute (different to lastlogontimestamp) is available at all functional levels, but isn't replicated between domain controllers so will only show the last time a user authenticated on the specific DC you are querying against.  The reason for this is to prevent excessive replication traffic (see here:

If your domain's functional level is below windows 2003 and you don't have too many domain controllers it may be feasible to write a script that will query the lastlogon attributes from all the DCs and find the most recent value for each user. Let me know if you would like me to do this.



answered 2011-11-15 at 10:00:01

dicconb's gravatar image


Hi, great that it works for  you. But you should not use lastLogon attribute because it is not replicated between DCs and I also do not know that LastLogonDate attribute

Please use lastLogonTimestamp attribute which is replicated between DCs

but as I can see, you are using Windows PS. I will check this in my test environment and will let you know later


answered 2011-11-15 at 16:25:04

iSiek's gravatar image


Your answer
[hide preview]

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments



Asked: 11/14/2011 12:10

Seen: 175 times

Last updated: 12/12/2011 01:07