Find Inactive Computer Objects With LastLogonTimeStamp

Skip to content

From time to time I find myself re-inventing this piece of code. Maybe you do too?

The problem you want to solve is the following:

How do you identify obsolete computer objects in Active Directory in order to do some overdue housekeeping?

There are different properties that can help you get your hands on this information. I usually use the following property:

lastLogonTimeStamp

All domain joined Windows operating systems have an account and a password in Active Directory, just like users (except, the computer account password is 120 characters long!).

To operate properly computer accounts perform a logon to the domain just like users do.

Every time a user or computer logs on to Active Directory the authenticating domain controller will check the lastLogonTimeStamp attribute of the account. If the value is older than 14 days the lastLogonTimeStamp attribute is updated with the current time. The 14 day check is to avoid overloading the AD replication and is controlled by the ms-DS-Logon-Time-Sync-Interval attribute in the domain naming context.

If the value of the lastLogonTimeStamp attribute is a lot older than 14 days it’s an indication that the account is not active anymore.

Get the full details on lastLogonTimeStamp here.

Converting lastLogonTimeStamp From FileTime to DateTime

The value of the lastLogonTimeStamp will look a bit odd at first sight. Here’s my birthday e.g.:

116961336000000000

The format of the attribute is a FileTime structure which measures the number of 100 nano-second intervals since January 1st 1601 (UTC time).

Out of pure embarrassment I’m not going to convert the above value for you! But I will show you how to convert your lastLogonTimeStamp properties in PowerShell. Very simple:

[datetime]::FromFileTime($Server.lastLogonTimeStamp)

With the conversion in place let’s have a look at a script to get you the complete list from your Active Directory.

How to Get All Obsolete Computer Objects From Active Directory Using PowerShell

Using the previous information a PowerShell solution could look like this:

$Servers = Get-ADComputer -Properties lastLogonTimeStamp -Filter * -ResultSetSize $null "Name;DN;lastLogonTimeStamp" | Out-File ".\ServerList.txt" ForEach ($Server In $Servers) { $Output = $Server.Name + ";" + $Server.distinguishedName + ";" + [datetime]::FromFileTime($Server.lastLogonTimeStamp) Write-Host $Output $Output | Out-File ".\ServerList.txt" -Append }

This will get you a nice semicolon separated list with the name, distinguishedName and lastLogonTimeStamp of all computer objects in your Active Directory.

The list is printed to the console and also saved to a txt file.

You can then paste the result into Excel and do all the sorting and filtering you want.

Speed Up Your Office 365 Management

If you have a hybrid AD with Office 365 integration you can simplify your user, mailbox and license management a great deal!

Install the Easy365Manager extension to the AD Users & Computers tool and manage everything in one consolidated well-known tool. Be the smart guy:

Search for: Easy365Manager is the missing link between on-premises and Office 365. Martin DugganTechnology Infrastructure LeadCornerstone, United Kingdom

Office 365 Plugin forActive Directory Users & Computers

Easy365Manager has saved us tons of time. Matt BryantIT Systems AdministratorAudioscan, Canada

Delegate calendar permissions without PowerShell

Easy365Manager is a real time saver! Very well thought out software. Manny MamakasSenior ConsultantGreenwire Solutions, United States

MANAGE MEETING ROOMS AND ROOM LISTS WITH EASE

Saves us time that we can use on our many other projects waiting to be done. Devin GrayDirector of Information Technology & CommunicationCity of Edwardsville, United States

Manage email attributes without on-premises Exchange Server

Easy365Manager installation and Exchange removal was conducted smoothly and rapidly. Support provided by Easy365Manager team is efficient and fast. Eric GaillardIT & Facilities Addex Therapeutics, Switzerland

Install and Configure in Less Than Two Minutes

Removing my old Exchange server is a game changer! What a great time-saver to manage Office 365 and AD on one dashboard! ChristopherSaint Agnes School, United States

Manage Office 365 licenses and mailboxes from AD Users & Computers

Love this tool! Works and does everything we need! Matt WeberSystems AdministratorCommunity Bridges, United States

CONFIGURE OUTLOOK AUTOMAPPING WITHOUT POWERSHELL

Great product, I'm really happy we found it! Charles-Eric HachéHead of IT and TelecommunicationCity of Sainte-Julie, Canada

VIEW AND CONFIGURE AUTO-REPLY SCHEDULES WITHOUT POWERSHELL

We love using Easy365Manager. The program makes everything a lot more enjoyable for us. Bram BorkinkSystems AdministratorLinthorst Techniek, Netherlands

MULTI-OBJECT EDITING OF EXCHANGE ONLINE MAILBOXES

Easy365Manager really took care of a lot of security concerns by being able to turn off our last Exchange Server and simultaneously being able to handle Exchange Online completely in AD, without opening the browser. Marcus OddoSystems AdministratorCodac, United States

Single-click Azure AD Connect synchronization

Aside from Easy365Manager being such a revolutionary tool, your level of expertise in your product and responsiveness to our questions has made us very eager to partner with you. Jerry JacobsenSupv. of Network AdminMetal-Tek, United States