在Active Directory PowerShell中获取活动用户
[英]Get active users in Active Directory powershell
问题描述
I have created a tool that counts the active users in Active directory for the last 5 minutes for example. 
我创建了一个工具,用于计算最近5分钟Active directory的活动用户数。 However, my script is allways returning around the same amount of active users, even at night. 但是,我的脚本总是在相同数量的活跃用户周围返回,即使在晚上也是如此。
Here is the part of my script that counts the active users: 以下是我的脚本中计算活动用户的部分:
$Date=Get-Date #Getting the Date of the mesure
$TpsDerLog= ($Date).AddMinutes(-5) #Creating the time marker for inactive user (mesure time - 5 minutes)
$Liste= Get-ADUser -Server "reseau" -filter {(enabled -eq $True) -and (objectclass -eq "user")} #Getting all the enabled accounts in the Active Directory
$ListeN = Get-ADUser -Server "reseau" -filter { (LastLogonTimeStamp -lt $TpsDerLog) -and (objectclass -eq "user") -and (enabled -eq $True) } -Properties LastLogonTimeStamp #Getting the inactive Enabled users
$nb=($Liste.count)+(-$ListeN.count) #Substracting The inactive users to the total
2 个解决方案
解决方案1
0 2016-06-01 09:22:27
Your code is giving you the difference between all active (not disabled users) in your AD (saved in $Liste) and users that have logged in to the domain recently. 您的代码为您提供了AD中所有活动(未禁用的用户)(保存在$ Liste中)与最近登录到域的用户之间的区别。 5 minutes difference won't help you, since the LastLogonTimeStamp attribute is calculated as 14 days minus random percentage of 5 days. 5分钟的差异对您没有帮助,因为LastLogonTimeStamp属性计算为14天减去5天的随机百分比。
Useful links: 有用的链接:
LastLogonTimeStamp Attribute LastLogonTimeStamp属性
Difference between LastLogon and LastLogonTimeStamp LastLogon和LastLogonTimeStamp之间的区别
Play around with AddDays() method, and you will get more accurate results about how users log in to your domain on a daily basis. 使用AddDays()方法,您将获得有关用户每天如何登录您的域的更准确结果。
解决方案2
0 已采纳 2016-06-01 09:47:41
What your trying to do can't really been done through Active Directory . 您尝试做的事情无法通过Active Directory完成。 A user maybe logged into to the domain and leave their session locked or disconnected from the machine/server, then go home. 用户可能登录到域并将其会话锁定或从计算机/服务器断开连接,然后回家。
This information is not passed back to Active directory so the LastLogon variables will remain the same until the user comes back and unlocks the machine (authenticate against a Domain controller). 此信息不会传递回Active directory因此LastLogon变量将保持不变,直到用户返回并解锁计算机(对域控制器进行身份验证)。 This is why you will see users as active at night even if they have gone home. 这就是为什么即使他们已经回家,你也会在晚上看到用户活跃。
The only way that you could tell if a use was currently active on a session would be to interrogate the machine they were on and return the session status. 您可以判断某个用户当前是否在会话中处于活动状态的唯一方法是询问他们所在的计算机并返回会话状态。 But connected to a lots of domain machines isn't ideal. 但连接到很多域机器并不理想。 So the best way to get a figure of logged on users would be to track a domain controllers event log and check for users that have a logon event but don't have a logoff event in a set time period. 因此,获取登录用户数量的最佳方法是跟踪域控制器事件日志,并检查具有登录事件但在设定时间段内没有注销事件的用户。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.