Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Utility for checking when networked computer last accessed the network

Posted on 2006-06-28
3
Medium Priority
?
437 Views
Last Modified: 2013-12-23
We have a Windows 2003 Active Directory domain. As computers are removed from the network or renamed active directory is not removing them from the Computers section. Is there a utility or something that can help in removing computer names that are no longer being used? Pinging a computer name in question is no guarantee since the computer may be off due to user being on vacation, sick, etc... We have several hundred computer spread through out the city. Any help would be appreciated.
0
Comment
Question by:kingman1
  • 2
3 Comments
 
LVL 85

Expert Comment

by:oBdA
ID: 17005068
To find outdated machines in the domain, you can use dsquery; open a command prompt and enter
dsquery computer domainroot -inactive 12 -limit 0
to get a list of machines that haven't logged on for 12 weeks.

If you trust the dsquery output, you could pipe it through to dsrm and remove the old records:
dsquery computer domainroot -inactive 12 -limit 0 | dsrm

If you really, really trust the dsquery output, you can add -noprompt to delete without prompting:
dsquery computer domainroot -inactive 12 -limit 0 | dsrm -noprompt

Dsquery
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/46ba1426-43fd-4985-b429-cd53d3046f01.mspx

The new command-line tools for Active Directory in Windows Server 2003
http://support.microsoft.com/?kbid=298882

Other than that, there's no built-in tool that will do that for you. A third party tool is available here, for example:
Unused Account Ferret: Overview
http://www.anixis.com/products/uaf/default.htm
0
 

Author Comment

by:kingman1
ID: 17005384
oBdA. Thanks for the response. I ran the query and received this response.

dsquery failed:The parameter is incorrect.:Windows could not run this query beca
use you are connected to a domain that does not support this query.


Any ideas how to fix this? I am new to Windows 2003 networking.

Thanks
0
 
LVL 85

Accepted Solution

by:
oBdA earned 2000 total points
ID: 17007894
Seems like you aren't running in Server 2003 functional level yet; the -inactive uses an attribute that's only available in this mode. If you don't have any *Domain* *Controllers* running Windows 2000 or NT4 (member servers don't matter), and don't plan to ever introduce any, you can switch your domain to 2003 function level.
If you'd rather wait with that, you can use the -stalepwd option instead of -inactive; note that you specify days here, not weeks.
dsquery computer domainroot -stalepwd 84 -limit 0
That has one potential disadvantage: a computer's password change can be disabled through a registry change or a group policy, so this might find computers that don't change their password, but are still active. -inactive, on the other hand, will find accounts that haven't logged on to the domain for the specified number of weeks (watch out for laptops!).
As it so happens, I just stumbled over another tool that can query both attributes, too:
OldCmp
http://www.joeware.net/win/free/tools/oldcmp.htm
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A common practice in small networks is making file sharing easy which works extremely well when intra-network security is not an issue. In essence, everyone, that is "Everyone", is given access to all of the shared files - often the entire C: drive …
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question