My PL given me the requirement to find the last logon for each user on the domain.
There is a simple utility in windows resource kit that does this work.
usrstat.exe :– This command-line tool displays the username, full name, and last logon date and time for each user in a given domain.
you can download this utility from the below link
Link Archived.
Tech Wizard 
I made a tool for finding unused user and computer accounts in AD that will also show you this information (and its not command line). If its of any use to you, you can find it here: http://www.cjwdev.co.uk/Software/ADTidy/Info.html
Oh and its completely free 🙂
thanks CJWdev for nice software
Nice Script that will do the JOB
‘ Assign Variables
Dim DomainString, fso, DomianObj, UserDel, C, Code
Dim ChkLast, UserObj, Flag, s
‘ Create Object for File System Access
set fso = CreateObject (“Scripting.FileSystemObject”)
‘ Set Domain Name
DomainString = “domain” ‘Modify this line or this script wont work
‘ Open ADSI and connect to Domain user data
Set DomainObj = GetObject(“WinNT://” & DomainString)
DomainObj.Filter = Array(“user”)
‘ Insure that file does not already exist
IF fso.FileExists (“show_user_account_info.txt”) THEN
set USERDel = fso.GetFile (“show_user_account_info.txt”)
USERDel.Delete
End IF
‘ Create File in temp directory
set C = fso.CreateTextFile (“d:\show_user_account_info_stolt.txt”, True)
on error resume next
‘ Add collumn headings to new file
C.WriteLine “Name” & vbTab & “FullName” & vbTab & “Description” & _
vbTab & “LastLogin” & vbTab & “PasswordExpirationDate” & _
vbTab & “IsAccountLocked” & vbTab & “Class” & vbTab & “UserFlags”
‘ List all users
For Each UserObj In DomainObj
ChkLast = UserObj.LastLogin ‘ ChkLast is used to determine the last logon time.
IF UserObj.UserFlags 661103 Then
s = UserObj.name
s = s & vbTab
s = s & UserObj.FullName
s = s & vbTab
s = s & UserObj.Description
s = s & vbTab
s = s & UserObj.LastLogin
s = s & vbTab
s = s & UserObj.PasswordExpirationDate
s = s & vbTab
s = s & UserObj.IsAccountLocked
s = s & vbTab
s = s & UserObj.Class
s = s & vbTab
‘ Convert Flags to more undersandable terms.
Flag = UserObj.UserFlags
IF Flag = 66113 THEN
Code = “Password never expires and user cannot change password”
ELSEIF Flag = 8389123 THEN
Code = “Disabled”
ELSEIF Flag = 577 THEN
Code = “Account is not setup right, login not possible”
ELSEIF Flag = 515 THEN
Code = “Account is disabled and user must change password at next logon”
ELSEIF Flag = 513 THEN
Code = “User is active”
ELSEIF Flag = 66049 THEN
Code = “Password Does Not expire”
ELSE
Code = “Unknown Code = ” & UserObj.UserFlags
END IF
s = s & CHR (34) & Code & CHR (34)
C.WriteLine s ‘ Write new line to file.
End IF
Next ‘ Repeat for all users
Wscript.Quit