Script to Compare Active Directory User last logon date and account expires date
This script will compare Active Directory User last logon date and account expires date for SOX purposes.
1. Open notepad
2. Copy and paste below text to notepad
3. Save the file with .ps1 extension.
# ---------- SCRIPT STARTS HERE--------------
$reportpath="c:\lastlogon_report.csv"
Get-QADUser -SizeLimit 4000 | where {$_.accountexpires -ne $null -and $_.lastlogon -gt $_.accountexpires} | select name,samaccountname,lastlogon,Accountexpires | Export-Csv -Path $reportpath
# ---------- SCRIPT ENDSS HERE--------------