ps/Modules/Cole.PowerShell.Developer/Public/Get-AllUsersNotLoggedInSince.ps1

function Get-AllUsersNotLoggedInSince {
    [CmdLetBinding()]
    [OutputType([object[]])]
    param(
        [Parameter()]
        [ValidateNotNullOrEmpty()]
        [DateTime]$LastLoginDate = [DateTime]::Now.AddMonths(-3)
    )
    $userLookup = @()
    $domainControllerLookup = @{}

    # aka not a system account, like LOCALSYSTEM or NETWORKSERVICE
    $isUser = 1
    # aka not IIS services
    $passwordCannotChange = 64
    # aka not gMSA
    $workstationTrustAccount = 4096
    # aka not local accounts for things like machine recovery
    $passwordDoesNotExpire = 65536

    $allLoginProfiles = Get-CimInstance -ClassName Win32_NetworkLoginProfile
    $users = $allLoginProfiles.Where({ ($_.Flags -band $isUser) -and -not ($_.Flags -band $passwordCannotChange) -and -not ($_.Flags -band $workstationTrustAccount) -and -not ($_.Flags -band $passwordDoesNotExpire) })

    foreach ($user in $users) {
        $domain = ($user.Name -split '\\')[0]
        $username = ($user.Name -split '\\')[1]
        $server = $domainControllerLookup.$domain
        if ($null -eq $server) {
            $server = (Get-ADDomainController -Discover -DomainName $domain).Hostname[0]
            $domainControllerLookup.$domain = $server
        }
        $domainUser = Get-ADUser -Server $server -Identity $username
        if ($null -ne $domainUser) {
            # calculate directory size
            $homeDirectoryPath = Join-Path -Path C:\Users\ -ChildPath $username
            $sizeInMbs = [System.Math]::Round( ((Get-ChildItem -Path $homeDirectoryPath -Recurse -ErrorAction SilentlyContinue -Force) | Measure-Object -Property Length -Sum).Sum / 1Mb, 2)
            if ($user.LastLogon -lt $LastLoginDate) {
                $userLookup += @{
                    Username = $user.Name
                    LastLogon = $user.LastLogon
                    HomeFolderMB = $sizeInMbs
                }
            }
        } else {
            Write-Host "Could not find $($user.Caption) in $domain"
        }
    }

    return $userLookup
}
First full commit 2023-05-30 22:51:22 -07:00			`function Get-AllUsersNotLoggedInSince {`
			`[CmdLetBinding()]`
			`[OutputType([object[]])]`
			`param(`
			`[Parameter()]`
			`[ValidateNotNullOrEmpty()]`
			`[DateTime]$LastLoginDate = [DateTime]::Now.AddMonths(-3)`
			`)`
			`$userLookup = @()`
			`$domainControllerLookup = @{}`

			`# aka not a system account, like LOCALSYSTEM or NETWORKSERVICE`
			`$isUser = 1`
			`# aka not IIS services`
			`$passwordCannotChange = 64`
			`# aka not gMSA`
			`$workstationTrustAccount = 4096`
			`# aka not local accounts for things like machine recovery`
			`$passwordDoesNotExpire = 65536`

			`$allLoginProfiles = Get-CimInstance -ClassName Win32_NetworkLoginProfile`
			`$users = $allLoginProfiles.Where({ ($_.Flags -band $isUser) -and -not ($_.Flags -band $passwordCannotChange) -and -not ($_.Flags -band $workstationTrustAccount) -and -not ($_.Flags -band $passwordDoesNotExpire) })`

			`foreach ($user in $users) {`
			`$domain = ($user.Name -split '\\')[0]`
			`$username = ($user.Name -split '\\')[1]`
			`$server = $domainControllerLookup.$domain`
			`if ($null -eq $server) {`
			`$server = (Get-ADDomainController -Discover -DomainName $domain).Hostname[0]`
			`$domainControllerLookup.$domain = $server`
			`}`
			`$domainUser = Get-ADUser -Server $server -Identity $username`
			`if ($null -ne $domainUser) {`
			`# calculate directory size`
			`$homeDirectoryPath = Join-Path -Path C:\Users\ -ChildPath $username`
			`$sizeInMbs = [System.Math]::Round( ((Get-ChildItem -Path $homeDirectoryPath -Recurse -ErrorAction SilentlyContinue -Force) \| Measure-Object -Property Length -Sum).Sum / 1Mb, 2)`
			`if ($user.LastLogon -lt $LastLoginDate) {`
			`$userLookup += @{`
			`Username = $user.Name`
			`LastLogon = $user.LastLogon`
			`HomeFolderMB = $sizeInMbs`
			`}`
			`}`
			`} else {`
			`Write-Host "Could not find $($user.Caption) in $domain"`
			`}`
			`}`

			`return $userLookup`
			`}`