Verifying remote VPN users are authenticating with the domain

Verifying remote VPN users are authenticating with the domain

One daunting task is Verifying remote VPN users are authenticating with the domain. Since you can only set a maximum of 50 cached logons via group policy (GPO) you may want to proactively monitor your user logons to prevent possible future headaches for both you and your users. Now you could go into AD users and computers and manually check the Attribute editor but this is time consuming especially if you have hundreds to thousands of users like in the image below.

Verifying remote VPN users are authenticating with the domain 1

The script below includes importing the PowerShell module for ActiveDirectory (AD) in case that you don’t already have it installed.

Import-Module ActiveDirectory
 
function Get-ADUsersLastLogon()
{
 $dcs = Get-ADDomainController -Filter {Name -like "*"}
 $users = Get-ADUser -Filter *
 $time = 0
 $exportFilePath = "c:\lastLogonTemp.csv"
 $columns = "name,username,datetime"

 Out-File -filepath $exportFilePath -force -InputObject $columns

 foreach($user in $users)
 {
 foreach($dc in $dcs)
 { 
 $hostname = $dc.HostName
 $currentUser = Get-ADUser $user.SamAccountName | Get-ADObject -Server $hostname -Properties lastLogon

 if($currentUser.LastLogon -gt $time) 
 {
 $time = $currentUser.LastLogon
 }
 }

 $dt = [DateTime]::FromFileTime($time)
 $row = $user.Name+","+$user.SamAccountName+","+$dt

 Out-File -filepath $exportFilePath -append -noclobber -InputObject $row
 Import-Csv $exportFilePath | Export-Csv c:\lastLogon.csv -NoTypeInformation

 $time = 0
 }
}
 
Get-ADUsersLastLogon
 del c:\lastLogonTemp.csv

I came across the original post that I based my powershell script above on HERE

This will create a CSV file that has the information formatted into columns for easier sorting. You will also notice that unused accounts will report 12/31/1600 as it’s date. In a later post I’ll go into automating this method of Verifying remote VPN users are authenticating with the domain and automatically emailing yourself a list of users who have not been authenticating to the domain. This will come in handy if someone leaves without notice or has done something to their machine that is interfering with properly authenticating and communicating with the domain.

Verifying remote VPN users are authenticating with the domain 2

Posted in MS Office, PowerShell, Scripting, Windows, Windows 7, Windows 8, Windows Server, Windows Server 2012 R2 and tagged .

Leave a Reply

Your email address will not be published. Required fields are marked *