Get-ADNetLogonLogs
SYNOPSIS
Retrieves NetLogon logs for an Active Directory user.
SYNTAX
Get-ADNetLogonLogs [[-Identity] <Object>] [[-DomainController] <String[]>] [-WhatIf] [-Confirm]
[<CommonParameters>]
DESCRIPTION
The `Get-ADNetLogonLogs` function retrieves NetLogon logs for a specified Active Directory user from domain controllers. It queries the NetLogon logs on the specified domain controllers to find entries related to the user's logon activity.
EXAMPLES
EXAMPLE 1
Retrieves NetLogon logs for the user "jdoe" from all domain controllers.
EXAMPLE 2
Retrieves NetLogon logs for the user "jdoe" from the specified domain controller "DC01."
PARAMETERS
-Identity
The identity of the Active Directory user to query. Defaults to the current username if not specified.
Type: Object
Parameter Sets: (All)
Aliases:
Required: False
Position: 1
Default value: $env:USERNAME
Accept pipeline input: True (ByPropertyName, ByValue)
Accept wildcard characters: False
-DomainController
A list of domain controllers to query. Defaults to all enabled domain controllers.
Type: String[]
Parameter Sets: (All)
Aliases:
Required: False
Position: 2
Default value: *
Accept pipeline input: False
Accept wildcard characters: False
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: wi
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Confirm
Prompts you for confirmation before running the cmdlet.
Type: SwitchParameter
Parameter Sets: (All)
Aliases: cf
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.