Identify recently created user accounts that have not been used to access a web service in 14 days. I’m looking to filter on accounts with a blank LastLogonTimeStamp, and a whenCreated date of -14 days:
$TargetDate = Get-Date -Date (get-date).AddDays(-14)
$SearchBase = “OU=People,DC=my,DC=domain,DC=com”
$Filter = {(whenCreated -lt $TargetDate) -and (-not(lastLogonTimeStamp -like “*”))}
get-ADUser -Filter $Filter -SearchBase $SearchBase | Disable-ADAccount
The users who haven’t changed their passwords in the last 90 days:
$90_Days = (Get-Date).adddays(-90)
Get-ADUser -filter {(passwordlastset -le $90_days)}
To see all users who last logged on before January 1, 2013, you could type:
get-aduser -f * | where {$_.lastlogondate -le “1 January 2013”}
Find Those Inactive Users and Computers:
PS C:\> Import-Module ActiveDirectory
PS C:\> Get-ADUser –filter * | Where { $_.passwordLastSet –lt (Get-Date).AddDays(-365) }
PS C:\> Import-Module ActiveDirectory
PS C:\> Get-ADUser –filter * -prop PasswordLastSet | Where { $_.passwordLastSet –eq $null }
SomaBright 