nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Last time a PC authenticated to domain

mr2nut

Does anyone know how to tell when a PC has last logged on to the domain? I basically want to clean up a load of old computer accounts in AD, so was hoping that someone had some fancy query/script they could possibly share or if there's a built in feature i'm just not seeing.

Thanks.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

mrmcmint

"dsquery computer -inactive 24 -limit 0" works for me; 24 being the number of weeks not logged into - change as you see fit. You can also add " | dsrm" onto the end to delete the accounts should you be brave enough. Personally I would pipe the results into a csv and check the results first.

There are also various other tools (non ms) about, also a couple of VB scripts, and I dare say a powershell guru from here would be able to provide a sample powershell script.

Hope that helps.

veritas_libertas

net user "username" /domain

mrmcmint

veritas_libertas wrote: »

net user "username" /domain

The OP was asking about computer accounts

veritas_libertas

mrmcmint wrote: »

The OP was asking about computer accounts

My bad...