Get-ExactADLastLogon

The Quest for the Real Login Timestamp

If you have ever tried to answer the deceptively simple question “When did this user last log on?” in Active Directory, you know it is not as easy as it sounds.
The lastLogon attribute is non-replicated, which means each Domain Controller holds its own version. Asking one controller gives you only a fragment of the truth.

That is where Get-ExactADLastLogon.ps1 comes in.

The Mission

This PowerShell script digs through every reachable Domain Controller, collects the raw lastLogon value for each user, converts it to a readable DateTime, and identifies the most recent entry.
In other words, it stops guessing and finds the real answer.

Under the Hood

  1. Input and Setup
    The script reads a simple list of usernames from C:\Temp\ADUsersLogonTime.txt.
    Each line represents one user. That is all you need.

  2. Domain Controller Discovery
    It enumerates all Domain Controllers in the domain, tests each for connectivity, and removes the unreachable ones.
    If a DC refuses to respond, it is politely ignored.

  3. Meaningful Progress Bars
    While running, the script displays real-time progress bars for both users and DCs.
    It feels alive, giving you visibility into every step.

  4. Precise LastLogon Results
    For every user, the script gathers all timestamps from every DC, sorts them, and selects the latest value.
    The result is a precise view of when the account was last active, unaffected by replication delays.

  5. Clean Output
    When complete, it exports the results to C:\Temp\LastLogon-Exact.csv in the format:
    User, LastLogon, SourceDC.
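
The five steps above, condensed into an added sketch that is not the Get-ExactADLastLogon.ps1 source. It uses the file paths and CSV columns named in this article; the single-ping reachability test and all variable names are assumptions, and the progress bars are left out.

```powershell
# Added illustration, not the author's script. Requires the ActiveDirectory module.
Import-Module ActiveDirectory

$inputFile  = 'C:\Temp\ADUsersLogonTime.txt'   # one username per line (path from the article)
$outputFile = 'C:\Temp\LastLogon-Exact.csv'    # output path from the article

# Assumption: "reachable" means the DC answers one ICMP echo request.
$dcs = Get-ADDomainController -Filter * |
    Where-Object { Test-Connection -ComputerName $_.HostName -Count 1 -Quiet }

# Skip blank lines in the input list.
$users = Get-Content -Path $inputFile | Where-Object { $_.Trim() }

$results = foreach ($user in $users) {
    $name = $user.Trim()
    $best = $null
    foreach ($dc in $dcs) {
        try {
            # lastLogon is not replicated, so each DC has to be asked in turn.
            $raw = (Get-ADUser -Identity $name -Server $dc.HostName `
                        -Properties lastLogon -ErrorAction Stop).lastLogon
        } catch {
            # Short error log; one failing DC does not abort the user.
            Write-Warning "$($dc.HostName): $($_.Exception.Message)"
            continue
        }
        # 0 or empty means this DC has never authenticated the account.
        if ($raw -and $raw -gt 0 -and (-not $best -or $raw -gt $best.Raw)) {
            $best = [pscustomobject]@{ Raw = $raw; DC = $dc.HostName }
        }
    }
    [pscustomobject]@{
        User      = $name
        # The raw value is a Windows FILETIME: 100 ns ticks since 1601-01-01 UTC.
        LastLogon = if ($best) { [DateTime]::FromFileTime($best.Raw) } else { $null }
        SourceDC  = if ($best) { $best.DC } else { $null }
    }
}

$results | Export-Csv -Path $outputFile -NoTypeInformation
```

A DC that is skipped, for example because a firewall drops ICMP, may be the one holding the newest value, so compare the warnings and the reachable-DC count against the full DC list before disabling accounts based on the report.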

Built for the Real World

This script is designed for production environments, not just a lab. It handles:

  • Unreachable Domain Controllers gracefully, with short error logs.

  • Users that have no logon data.

  • Clear, informative console feedback.

  • A self-contained design that only requires the ActiveDirectory module.

Why It Matters

Accurate lastLogon data is essential for audits, account cleanup, and security assessments.
This script ensures you are looking at real, current data rather than outdated or replicated values.

This script embodies precision and practicality.
It turns a messy, often misunderstood AD query into a clean, exact report. In IT, accuracy is not a luxury. It is a necessity.

View Full Script on GitHub
