Home > > Find the Last Login Time of a SharePoint User from AD with PowerShell

Find the Last Login Time of a SharePoint User from AD with PowerShell

, , ,
Requirement: Find the last login time of all SharePoint users of  the farm to find out inactive users.

Solution: We can retrieve the user's last login time from Active directory (if the authentication provider is AD) using PowerShell.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module ActiveDirectory

$UserAccount="vani"
$User = Get-ADUser -Filter {SamAccountName -like $UserAccount} | Get-ADObject -Properties lastLogon 
  
$LogonTime=[DateTime]::FromFileTime($User.LastLogon)
Write-host $LogonTime
Lets add some more error handling and find last logon time of all users of SharePoint.

PowerShell Script to Find the SharePoint user last login time:
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module ActiveDirectory

#Custom Function Get the Last Logon Time of the User from AD 
Function Get-ADUserLastLoginTime($UserAccount)
{
    Try {
        #Set the Error Action
        $ErrorActionPreference = "Stop"

        $User = Get-ADUser -Filter {SamAccountName -like $UserAccount} | Get-ADObject -Properties lastLogon 
  
           if($user.LastLogon) 
           {
               return([DateTime]::FromFileTime($User.LastLogon))
           }
           else
           {
             return "Not Found!"
           }
        }
    catch {
          Write-Host $_.Exception.Message -ForegroundColor Red
        }
    finally {
          #Reset the Error Action to Default
          $ErrorActionPreference = "Continue"
        }
}
#Get All User Profiles
$SiteURL="https://intranet.crescent.com"
$ServiceContext  = Get-SPServiceContext -site $SiteURL
$UserProfileManager = New-Object Microsoft.Office.Server.UserProfiles.UserProfileManager($ServiceContext)
#Get All User Profiles
$UserProfilesColl = $UserProfileManager.GetEnumerator()

Foreach($UserProfile in $UserProfilesColl)
{
    $UserAccount=$UserProfile["UserName"]
    $LogonTime = Get-ADUserLastLoginTime -UserAccount $UserAccount
    Write-host "Last Logon Time of the User $UserAccount is $LogonTime"
}
Please note, SharePoint doesn't store Last Login time stamp. The above script pulls data from Active directory. So, data may be bit inconsistent - because if the user logon to any other systems like Exchange Server Email, AD will have that time stamp, doesn't matters if the user has logged on to SharePoint or not!

However, If you parse IIS Logs of the SharePoint web application using Log parser, you can find the particular user's activity How to use Log Parser with SharePoint?

Post updated on: 2018-03-14T06:35:15Z

Related Posts:

1 comment:

Please Login and comment to get your questions answered!

Subscribe to: Post Comments ( Atom )
Powered by Blogger.