Solved

Removing inactive / obsolete Computer accounts in AD

Posted on 2011-03-15
4
1,132 Views
Last Modified: 2012-05-11
I know how to query the ad server for old computer accounts but I wanted to know what would happen if I deleted a computer account for an active user/computer.

Would that computer need to be rejoined to the domain?  Would it prevent the user from logging into the domain if I accidentally deleted their active computer account?

Is there a policy I can modify to remove inactive computer accounts that haven't logged into the netowork for say... 6mo?

Thanks!
0
Comment
Question by:GDavis193
  • 2
4 Comments
 
LVL 5

Expert Comment

by:sweeps
ID: 35141465
You should disable instead of delete and then move the disabled into an OU.  otherwise you would have to recreate the users and rejoin the machines to the domain.  This would also affect exchange accounts associated to the user.
0
 
LVL 7

Accepted Solution

by:
waleeda earned 500 total points
ID: 35141521
yes
if you deleted an active computer account it will give netlogon error on you active directory, and if you try to login with the cached account it will login but if you try to login with a deferent account it will not work
0
 
LVL 5

Expert Comment

by:sweeps
ID: 35141865
here is a free program that we use that is easy to setup and you can choose to disable either user accounts or computer accounts if not logged in for so many days.  and you can set it to ping the computer account also just to verify that it is not live.

http://www.cjwdev.co.uk/Software/ADTidy/Download.html

freeware and that is for commercial or private usage.  there is a license file in the download that states it.
0
 
LVL 8

Expert Comment

by:ActiveDirectoryman
ID: 35163958

I Agree. I would create a locked down disabled computers ou.  
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question