Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to find old computers in Active Directory using Powershell

Posted on 2011-03-18
5
Medium Priority
?
1,310 Views
Last Modified: 2012-05-11
I need to find computers that haven't been used in a while in AD on a Windows 2008 R2 DC. Let's say 30 days. How would I go about listing all of those computers in alphabetical order?
0
Comment
Question by:Greg27
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 27

Expert Comment

by:KenMcF
ID: 35167402
You can use the 2008R2 AD cmdlets and do something like this

$d = [DateTime]::Today.AddDays(-30)
Get-ADComputer -Filter 'PasswordLastSet -ge $d' -Properties PasswordLastSet | FT Name,PasswordLastSet
0
 

Author Comment

by:Greg27
ID: 35167483
This is showing me all computers and the last password date set on it. I really need a list of all computers that haven't been logged into for at least 30 days. I have a feeling I have some computers listed in AD that no longer exist on my network. Thanks.
0
 
LVL 27

Assisted Solution

by:KenMcF
KenMcF earned 400 total points
ID: 35167564
If these computers are active on the network it will be difficult to get the last time a user logged onto it. You will need to query the audit logs. If these computers are not on the network there are a few attributes you can look at. passwordlastset, Lastlogon, and lastLogonTimeStamp. There are other utilies as well, one I like is oldcmp.exe from joeware.net and the Quest AD cmdlets

get-qadcomputer -Notloggedonfor 30
get-qadcomputer -inactivefor 30


This is what the switches look for

    - The number of days that the account remains in the expired state
    - The number of days that the password of the account remains unchanged
    - The number of days that the account remains unused for logon
0
 
LVL 5

Accepted Solution

by:
sweeps earned 1600 total points
ID: 35167628
The best way is to use a program (its free and works great).....

http://cjwdev.wordpress.com/category/ad-tidy/ 

you can set it down to which ou, user or computer, you can export a list, you can have it ping what it thinks is old comp to make sure they are not online.   you can disable or delete in the the program..

awesome program,  have used it for 3 months now.
0
 

Author Closing Comment

by:Greg27
ID: 35323946
Thanks for the help! I ended up giving the most points to sweeps because that is the tool I used and I don't have the Quest AD cmdlets since I am running Powershell 2 with the AD cmdlets built-in.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows 10 came with  a lot of built in applications, Some organisations leave them there, some will control them using GPO's. This Article is useful for those who do not want to have any applications in their image (example:me).
There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question