ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    ADUC: Clear 'dead' computers

    IT Discussion
    ad active directory aduc computers powershell
    7
    13
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • gjacobseG
      gjacobse
      last edited by gjacobse

      Some of this is partly a process issue, one that can be easily corrected.

      However, when a computer is retired, recycled or refreshed is there a process that could be run against ADUC to remove computers that are no longer attached to AD? Or is it really a matter of knowing what systems are gone and deleting them manually?

      1 Reply Last reply Reply Quote 2
      • DustinB3403D
        DustinB3403
        last edited by

        I use powershell to query for users / computers that haven't been seen for a while, and then I take the list and manually remove the ones I know for certain are gone.

        gjacobseG 1 Reply Last reply Reply Quote 3
        • gjacobseG
          gjacobse @DustinB3403
          last edited by

          @dustinb3403 said in ADUC: Clear 'dead' computers:

          I use powershell to query for users / computers that haven't been seen for a while, and then I take the list and manually remove the ones I know for certain are gone.

          PS would be an excellent tool for this - I'll have to see about building one out unless you care to share. I know I have stall entries.

          1 Reply Last reply Reply Quote 0
          • DustinB3403D
            DustinB3403
            last edited by DustinB3403

            I don't have the scripts with me (old job) but the command syntax is along these lines.

            Get-ADComputer -identity compname -Properties * | FT Name, LastLogonDate

            1 Reply Last reply Reply Quote 2
            • DustinB3403D
              DustinB3403
              last edited by

              To query the entire domain:

              Get-ADComputer -Filter * -Properties * | FT Name, LastLogonDate -Autosize

              1 Reply Last reply Reply Quote 2
              • momurdaM
                momurda
                last edited by

                Get-ADComputer -filter * -properties * | Sort LastLogonDate -Descending | Select Name, LastLogonDate
                will sort by date, giving you lonely pcs at bottom of terminal.

                1 Reply Last reply Reply Quote 2
                • DashrenderD
                  Dashrender
                  last edited by

                  @momurda said in ADUC: Clear 'dead' computers:

                  Get-ADComputer -filter * -properties * | Sort LastLogonDate -Descending | Select Name, LastLogonDate

                  We need some tags on this post.

                  gjacobseG 1 Reply Last reply Reply Quote 0
                  • gjacobseG
                    gjacobse @Dashrender
                    last edited by

                    @dashrender said in ADUC: Clear 'dead' computers:

                    @momurda said in ADUC: Clear 'dead' computers:

                    Get-ADComputer -filter * -properties * | Sort LastLogonDate -Descending | Select Name, LastLogonDate

                    We need some tags on this post.

                    You're it.

                    1 Reply Last reply Reply Quote 1
                    • jt1001001J
                      jt1001001
                      last edited by

                      I use ADTidy for this
                      http://www.cjwdev.com/Software/ADTidy/Info.html

                      wirestyle22W 1 Reply Last reply Reply Quote 1
                      • wirestyle22W
                        wirestyle22 @jt1001001
                        last edited by

                        @jt1001001 Paid or Free?

                        jt1001001J 1 Reply Last reply Reply Quote 0
                        • jt1001001J
                          jt1001001 @wirestyle22
                          last edited by

                          @wirestyle22 I've been using the free version without issues so far

                          1 Reply Last reply Reply Quote 2
                          • dbeatoD
                            dbeato
                            last edited by

                            Another way to do it

                            Get-ADComputer -Filter {PasswordLastSet -le $lastSetdate} -Properties passwordLastSet -ResultSetSize $null | FT samaccountname,PasswordLastSet
                            1 Reply Last reply Reply Quote 0
                            • dbeatoD
                              dbeato
                              last edited by

                              Another example taken from another script:

                              import-module activedirectory  
$domain = "domain.mydom.com"  
$DaysInactive = 90  
$time = (Get-Date).Adddays(-($DaysInactive)) 
  
# Get all AD computers with lastLogonTimestamp less than our time 
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties LastLogonTimeStamp | 
  
# Output hostname and lastLogonTimestamp into CSV 
select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | export-csv OLD_Computer.csv -notypeinformation
                              1 Reply Last reply Reply Quote 0
                              • 1 / 1
                              • First post
                                Last post