Hi, I was looking at the instructions that involve this PS1 script here - https://lockstepgroup.com/blog/fun-with-ad-custom-attributes/ - and noticed that of the four example attributes that author Eric Shoemaker lists, all four are syntax= Unicode String. However, one of the four attributes has to do with "LastLoggedOnUserDate" - would this make more sense as a Generalized Time syntax attribute?
As Eric points out in his blog entry, once you create an attribute, it can never be removed, and I'd rather do this right the first time. The code sequence that gathers both the LogonUsername and LogonDate is
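```powershell
$LogonType=2 #Interactive Logon
$30Days=(Get-Date).adddays(-30)
# Newest event 4624 from the last 30 days where LogonType (index 8) is interactive
# and the target domain (index 6) is not "Window Manager"
$LogonEvent=(Get-EventLog -LogName Security -InstanceId 4624 -After $30Days | Where {$_.ReplacementStrings[8] -eq $LogonType -and $_.ReplacementStrings[6] -ne "Window Manager"})[0]
# DOMAIN\username built from the target domain (index 6) and target user name (index 5)
$LoggedOnUser=($LogonEvent.ReplacementStrings[6])+'\'+($LogonEvent.ReplacementStrings[5])
$Date=$LogonEvent.TimeGenerated
```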
That last line, `$Date=$LogonEvent.TimeGenerated`, seems to just be pulling the string out of the event viewer.
My question is, how is this stored in Active Directory? On my test machine I ran this command on, my $Date ends up reading "March 9, 2020 11:13:57 AM" - in Eric's example images, he lists "01/13/2017 14:25:10" - so we have two examples of the Month/Date/Year being listed two different ways.
In Active Directory, if this is merely a string, is this something that could be sorted when we put this attribute into a column? With Generalized Time, I know sorting by oldest or newest datestamp works perfectly. I worry that if I capture a string of the date time, it might sort alphabetically by "March" - and some of our users use YYYY-MM-DD, and some use MM-DD-YYYY.
I am hoping that Eric or someone who has attempted this in a full AD test lab (I don't have a test lab, sadly) knows whether or not the date string will sort like a numerical date, or whether it will sort like, well, a string - numbers and letters being sorted separately like anywhere else in Windows.
It would be way easier for me just to use Eric's great looking PS1 and have all four attributes be Unicode Strings, but if someone can confirm that sorting won't work, I will try my hand at rewriting the code to convert that particular attribute to Generalized-Time Syntax.
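The sorting concern raised in this issue can be checked without a domain. The following is an added example, not part of the original issue or of Eric's script: it renders constructed timestamps in the two text styles quoted above and in the Generalized-Time string form (`yyyyMMddHHmmss.0Z`, UTC), then compares each column's plain string sort with true chronological order. The function name `ConvertTo-GeneralizedTime` and the sample dates are assumptions made for illustration, and the result describes string ordering under `Sort-Object`, not the behaviour of any particular AD console.

```powershell
# Added illustration; sample timestamps are constructed, not read from an event log.
$inv  = [cultureinfo]::InvariantCulture
$enUS = [cultureinfo]::GetCultureInfo('en-US')

# Hypothetical helper: format a DateTime the way Generalized-Time values are written
# in LDAP (UTC, yyyyMMddHHmmss.0Z).
function ConvertTo-GeneralizedTime([datetime]$When) {
    $When.ToUniversalTime().ToString('yyyyMMddHHmmss', $inv) + '.0Z'
}

# Kind is set to UTC so the output does not depend on the machine's time zone.
$samples = @(
    [datetime]::new(2020, 3, 9, 11, 13, 57, [DateTimeKind]::Utc),
    [datetime]::new(2017, 1, 13, 14, 25, 10, [DateTimeKind]::Utc),
    [datetime]::new(2019, 12, 1, 8, 0, 0, [DateTimeKind]::Utc),
    [datetime]::new(2020, 11, 20, 23, 59, 59, [DateTimeKind]::Utc)
)

$rows = foreach ($d in $samples) {
    [pscustomobject]@{
        When        = $d
        LongText    = $d.ToString('MMMM d, yyyy h:mm:ss tt', $enUS)  # "March 9, 2020 11:13:57 AM"
        SlashText   = $d.ToString('MM/dd/yyyy HH:mm:ss', $inv)       # "01/13/2017 14:25:10"
        Generalized = ConvertTo-GeneralizedTime $d                   # "20200309111357.0Z"
    }
}

# Reference order: sort on the real DateTime value.
$chronological = ($rows | Sort-Object When).Generalized -join ','

foreach ($column in 'LongText', 'SlashText', 'Generalized') {
    # Sort on the text column only, as a string-typed attribute would be sorted.
    $sorted = ($rows | Sort-Object $column).Generalized -join ','
    '{0,-12} sorts chronologically: {1}' -f $column, ($sorted -eq $chronological)
}

$rows | Sort-Object LongText | Format-Table LongText, SlashText, Generalized
```

With these samples only the `Generalized` column keeps chronological order: the month-name form sorts by month name and the `MM/dd/yyyy` form sorts by month number before year.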