Home > Enterprise >  Get Computer description and last logged on user from OU
Get Computer description and last logged on user from OU

Time:12-10

How do I get a list of computers in a particular OU along with the Description and Last logged on user in a .csv?

$userName = (Get-CimInstance -ClassName Win32_ComputerSystem -ComputerName $machine -ErrorAction:SilentlyContinue).UserName
$DisComp = Get-ADComputer -LDAPFilter "(Name=LN-*)" -SearchBase "OU=Computers - Disabled,DC=XXXXX,DC=com" | Select-Object Name

$results = foreach ($Machine in $DisComp) {

$Description = Get-AdComputer -Identity $Machine -Properties * | Select-Object Description

   $UserName 
   $Machine
   $Description
}
$results | Export-Csv -Path C:\XXXXX

CodePudding user response:

Define the OU and CSV file paths

$ouPath = "OU=Workstations,DC=contoso,DC=com"
$csvPath = "C:\temp\computer-list.csv"

Use the Get-ADComputer cmdlet to get a list of computers in the OU

$computers = Get-ADComputer -SearchBase $ouPath -Filter * -Properties lastlogondate,description

Loop through each computer and get the description and last logged on user

  foreach ($computer in $computers) {
      $description = $computer.Description
      $lastLoggedOnUser = $computer.LastLogonUser
      $data = [PSCustomObject]@{
      "Computer Name" = $computer.Name
      "Description" = $description
      "Last Logged On User" = $lastLoggedOnUser
      }

Add the computer data to the CSV file

$data | Export-Csv -Path $csvPath -Append -NoTypeInformation
}

CodePudding user response:

AFAIK there is no AD computer property called LastLogonUser or any other property that holds this information. To get the user that last logged on, you need to query the windows Eventlog on that computer and search for events with ID 4672

As aside, don't use -Properties * if all you want on top of the default properties returned is the Description property.

Try:

$searchBase = "OU=Computers - Disabled,DC=XXXXX,DC=com"
$Computers  = Get-ADComputer -LDAPFilter "(Name=LN-*)" -SearchBase $searchBase -Properties Description

$results = foreach ($machine in $Computers) {
    # to get the username who last logged on, you need to query the Security log
    $events = Get-WinEvent -ComputerName $machine.Name -FilterHashtable @{Logname='Security';ID=4672} -MaxEvents 50 -ErrorAction SilentlyContinue
    $lastLogon = if ($events) { 
                    (($events | Where-Object {$_.Properties[1].Value -notmatch 'SYSTEM|NETWORK SERVICE|LOCAL SERVICE'})[0]).Properties[1].Value
                 }
                 else { 
                    "Unknown" 
                 }
    # output an object
    [PsCustomObject]@{
        ComputerName     = $machine.Name
        Description      = $machine.Description
        LastLoggedOnUser = $lastLogon
    }
}
$results | Export-Csv -Path 'C:\Somewhere\Computers.csv' -NoTypeInformation

P.S. You of course need admin permissions to query the eventlog, so perhaps (if you are not a domain admin) you need to use the -Credential parameter on the Get-WinEvent line aswell.

Page link:https//www.codepudding.com/Enterprise/638260.html

Prev:interest of docker create volume command?
Next:I m receiving error "'mvn' is not recognized as an internal or external command, oper
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding