Getting Last Logon Information With PowerShell
Recently I had to write a report that got the last logon date for all of our users and I really ran into the LastLogonDate problem. What problem is that, you might ask? Well, it’s been documented a lot but the root of the problem is when a user logs into a domain account, their login time is recorded into the lastLogon field in Active Directory on the domain controller they authenticated against. This field is stored as FileTime, which is the date and time as a 64-bit value in little-endian order representing the number of 100-nanosecond intervals elapsed since January 1, 1601 (UTC). And just to make it a little bit more fun Active Directory does not replicate it. So if someone logs in in India, and you query your Active Directory Domain Controller here in Massachusetts you will NOT get the updated information. So now what?
Monitoring the Progress of a PowerShell Job
Working in a big Enterprise is a whole different animal than small business (which has been my space for a long time). I’m finding myself doing a lot more multi-threading because of the pure scale of things that need to be done and running a single threaded sequence just takes too long. But that doesn’t mean I don’t want to give my users feedback about the progress of my scripts, in fact, the larger the work load the more important feedback becomes. I recently discovered a technique that allows me to do just that–but not before putting my own spin on it.
Personal Update
Most may not realize, but I recently left my old position at SeraCare Life Sciences and moved to athena health (lower case is on purpose). As sometimes happens in business, SeraCare felt they could do without me and while I didn’t necessarily agree I have to admit my situation has improved quite a bit. athena health is a cloud based technology company selling EMR–electronic medical records–and claims submission automation. I think this is a great business model, and judging from their 30% growth over the past 2 years (each year) their clients feel the same way! athena is quite a bit different from my past positions as it marks my first real return to corporate IT since leaving Sun Life of Canada many years ago–I did have a stint of a 3-month contract working at PC Connection but the commute was just too much–otherwise I’d probably still be there!
It’s interesting how IT changes at scale as the differences to small business are stark. Petabyte flash-based SAN’s are the standard now, with high-speed Compellant storage being relegated to tier two storage and backups! I was excited to be getting flash-based drives in a few laptops before. And I have PowerShell to thank for it! I was primarily hired because of my script writing talents–though I’m sure 20+ years in the industry didn’t hurt the decision any. All the hard work in the Spiceworks, PowerGUI and PowerShell.com forums, not to mention this very blog have really paid off.
And with the scale of athena health comes interesting side effect to how you have to approach your PowerShell script writing. When I run a task against all of the users now, its not a report with 150 lines in it, it’s a report with 4,700! Suddenly, multi-tasking using PowerShell jobs takes on a whole new meaning, as well as taking a different perspective on your script writing. Often I’ve just done brute force methods because the datasets were so small it just didn’t matter. That’s no longer an option!
Another cool thing I’ve been working on is re-writing our fax troubleshooting tool. Have I mentioned faxing as it relates to athena health yet? I should, because I’ve never seen, or heard, anything like it. One of the features of athenaNet is we give you, the client, a toll-free fax number and all of your incoming faxes come to us and we place it in your portal. Sending something out to a lab? Just complete the form and we’ll take care of the fax to the lab–both sending and receiving. It’s actually pretty amazing. And we do a LOT of a faxing. No, seriously, it’s stunning. I don’t know the exact numbers but it’s hundreds of thousands of faxes sent and received every day. We actually went over 1 million faxes a couple of weeks ago. The infrastructure for just our faxing environments is larger than most companies entire data centers! We have 2 “environments”, A and B and three data centers. Each data center has 8-12 servers PER environment so that’s a whopping 48 to 60 servers–I’ll have to do an exact count at some point–just to support faxing.
So a fax troubleshooting tools is a given. One of my first projects walking into the door was to fix the one we had, which was written in ASP. Now, I told the boss right off the bat, “you realize I don’t know ASP, right?!” He was fine with it and was actually looking to do something in PowerShell first, then putting some kind of web front in on it later so we can roll it out to the account managers. I’ll be writing about how I accomplished this in a future post, but I mostly just copied Boy Wonder here, so feel free to look through his stuff in the mean time. With some tweaking this actually ended up working really well.
Anyway, I am still around and I am still writing when I can. Luckily things are starting to slow down a little bit so I can start thinking about the blog again. FYI, I’m doing a beginner’s guide to PowerShell for the Boston Spicecorps on July 24th so if you’d like to check it out make sure to sign up for Spiceworks and get yourself registered!
Me
LinkedIn
The Surly Admin 