ISD 820 Knowledge Base

User Tools

Site Tools

You are here: start » windows » proc » active_directory_user_and_computer_audit
windows:proc:active_directory_user_and_computer_audit

Table of Contents

Active Directory User and Computer Audit

Users

  1. Run the following in a administrator Powershell:
    Get-ADUser -Filter * -Properties “LastLogonDate” | export-csv -path ad-user1.csv
  2. Open in Excel and sort by LastLogonDate Ascending
  3. Consider removing accounts that are inactive for over a year
  4. Make a script with the following: 
    Disable-ADAccount -Identity <SamAccountName>

Comptuers

  1. Run the following in a administrator Powershell:
    Get-ADComputer -Filter * -Properties LastLogonDate,operatingSystem,operatingSystemVersion,IPv4Address | export-csv -path ad-computers1.csv
  2. Open in Excel and sort by LastLogonDate Ascending
  3. Consider removing accounts that are inactive for over a year
  4. Make a script with the following: 
    Disable-ADAccount -Identity <SamAccountName>
windows/proc/active_directory_user_and_computer_audit.txt · Last modified: 2023/02/16 15:57 by tschulz

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki