Are you looking to identify users who have never logged in at least once in Active Directory? In this blog post, we will walk you through the steps to find and obtain a list of these users using PowerShell.
Using lastlogontimestamp attribute
To accomplish this task, we will utilize the Active Directory PowerShell cmdlet Get-ADUser. This cmdlet allows us to query users in Active Directory and check the value of the AD attribute lastlogontimestamp to determine if it is empty. By doing so, we can list all enabled users who have never logged on.
Here’s an example of the PowerShell command:
Get-ADUser -Filter {(lastlogontimestamp -notlike "*") -and (enabled -eq $true)} | Select Name,DistinguishedNameThe output will provide you with a list of enabled users who have never logged on, along with their names and distinguished names.
Exporting Users to a CSV File
If you need to export the list of users who have never logged on, you can use the Export-CSV cmdlet. The following command exports the users to a CSV file named “NeverLoggedOnUsers.csv” with UTF-8 encoding:
Get-ADUser -Filter {(lastlogontimestamp -notlike "*") -and (enabled -eq $true)} | Select Name,DistinguishedName | Export-CSV "C:\\\\NeverLoggedOnUsers.csv" -NoTypeInformation -Encoding UTF8This allows you to further analyze the data or share it with others.
Filtering Users by Creation Time
In some cases, you may want to find users who were created within a certain timeframe but have not logged in. To achieve this, you can filter users based on their creation time using PowerShell.
Here’s an example command that lists users created within the last 30 days but have not yet logged in:
$days = 30
$createdtime = (Get-Date).Adddays(-($days))
Get-ADUser -Filter {(lastlogontimestamp -notlike "*") -and (enabled -eq $true) -and (whencreated -gt $createdtime)} | Select Name,DistinguishedName
Conclusion
Identifying users who have never logged in Active Directory is made easy with the power of PowerShell and the Get-ADUser cmdlet. By utilizing these commands, you can efficiently manage your user accounts and ensure that your Active Directory environment remains organized and up-to-date.
We hope this blog post has been informative and helpful. If you have any questions or need further assistance, feel free to leave a comment below.
YouTube Video
Hi! I wanted to share my YouTube video on this topic with you. It would be great if you could take a moment to watch it, give it a thumbs up, share it with others, and maybe even consider subscribing to my YouTube channel. I really appreciate your support!
