How to get the last user logged into a computer with PowerShell

As an Administrator, I have been asked more than once to find out where a computer is on the network. This question is usually asked by someone that needs to inventory or lifecycle the equipment. If your IT department is well organized or you have some sort of 3^rd party software running that does this for you, you probably don’t have a whole lot of use for this script.

If, on the other hand, you’re the 1 man/woman IT shop at a small business with no access to 3^rd party tools… this script may save you some time. All we want to know is what user is currently logged in to the machine, or the last user to log in. The assumption is, if we know the user, it’s fairly easy to find out where he or she sits within your organization.

Option 1 – This snippet simply reads all the user profiles on the machine, sorts them in descending order by LastWriteTime and selects the first 1… Pretty simple.

Option 2 – This snippet uses the win32_process WMI class to get the username of any user that has an Explorer process open. If you’re logged in, you have an Explorer process running… Also, pretty simple.

If you have some other method using PowerShell, I would love to hear about it. Leave it in the comments of the YouTube video.