Improve company productivity with a Business Account.Sign Up

x
?
Solved

Utility for checking when networked computer last accessed the network

Posted on 2006-06-28
3
Medium Priority
?
442 Views
Last Modified: 2013-12-23
We have a Windows 2003 Active Directory domain. As computers are removed from the network or renamed active directory is not removing them from the Computers section. Is there a utility or something that can help in removing computer names that are no longer being used? Pinging a computer name in question is no guarantee since the computer may be off due to user being on vacation, sick, etc... We have several hundred computer spread through out the city. Any help would be appreciated.
0
Comment
Question by:kingman1
  • 2
3 Comments
 
LVL 86

Expert Comment

by:oBdA
ID: 17005068
To find outdated machines in the domain, you can use dsquery; open a command prompt and enter
dsquery computer domainroot -inactive 12 -limit 0
to get a list of machines that haven't logged on for 12 weeks.

If you trust the dsquery output, you could pipe it through to dsrm and remove the old records:
dsquery computer domainroot -inactive 12 -limit 0 | dsrm

If you really, really trust the dsquery output, you can add -noprompt to delete without prompting:
dsquery computer domainroot -inactive 12 -limit 0 | dsrm -noprompt

Dsquery
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/46ba1426-43fd-4985-b429-cd53d3046f01.mspx

The new command-line tools for Active Directory in Windows Server 2003
http://support.microsoft.com/?kbid=298882

Other than that, there's no built-in tool that will do that for you. A third party tool is available here, for example:
Unused Account Ferret: Overview
http://www.anixis.com/products/uaf/default.htm
0
 

Author Comment

by:kingman1
ID: 17005384
oBdA. Thanks for the response. I ran the query and received this response.

dsquery failed:The parameter is incorrect.:Windows could not run this query beca
use you are connected to a domain that does not support this query.


Any ideas how to fix this? I am new to Windows 2003 networking.

Thanks
0
 
LVL 86

Accepted Solution

by:
oBdA earned 2000 total points
ID: 17007894
Seems like you aren't running in Server 2003 functional level yet; the -inactive uses an attribute that's only available in this mode. If you don't have any *Domain* *Controllers* running Windows 2000 or NT4 (member servers don't matter), and don't plan to ever introduce any, you can switch your domain to 2003 function level.
If you'd rather wait with that, you can use the -stalepwd option instead of -inactive; note that you specify days here, not weeks.
dsquery computer domainroot -stalepwd 84 -limit 0
That has one potential disadvantage: a computer's password change can be disabled through a registry change or a group policy, so this might find computers that don't change their password, but are still active. -inactive, on the other hand, will find accounts that haven't logged on to the domain for the specified number of weeks (watch out for laptops!).
As it so happens, I just stumbled over another tool that can query both attributes, too:
OldCmp
http://www.joeware.net/win/free/tools/oldcmp.htm
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question