Solved

DSQUERY server 2003

Posted on 2013-06-03
7
586 Views
Last Modified: 2013-06-03
I've recently be come to a company that has 33 active computers. When I open ADUC there are 195 computers in active directory. I would like to get rid of the old junk ones as I can tell that AD hasn't been cleaned up since the company was founded.

Here is the dilemma.

I open command prompt and enter
"dsquery computer -inactive 10" this should display the computers that have not been logged into in the last 10 weeks. it only shows 35 computers.

"dsquery computer -inactive 4" displays 38 computers.

"dsquery computer -limit 200" displays 195 computers which is accurate with the number of computers in ADUC

I would expect there to be something like 160 inactive computers not 35. Do you know why all of them aren't showing up when I put the "-inactive" statement in the command?
0
Comment
Question by:David11011
  • 4
  • 3
7 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 39216758
Do you physically have only 35 computer objects (including servers).   Can you try other tools to see their results (both tools are free)

Oldcmp  great command line tool
http://www.joeware.net/freetools/tools/oldcmp/

adtidy - GUI tool
http://www.cjwdev.co.uk/Software/ADTidy/Info.html

Thanks

Mike
0
 
LVL 2

Author Comment

by:David11011
ID: 39216765
Yes, there are only 32 physical machines. 3 of the servers are virtualized. I will give these tools a try and report back. Thanks
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39216774
With oldcmp just start with

oldcmp -report

Thanks

Mike
0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 
LVL 2

Author Comment

by:David11011
ID: 39216796
Oldcmp worked great. Most the computer accounts have a last logon time stamp of
"0000/00/00-00:00:00" and an age of -1.

I wonder if this is why they weren't showing up with DSQUERY.  after a long lenght of inactivity does AD stop tracking the last logon time?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39216815
all 0's  means it has never been set.  Were they active at one time?

What is the functional level of your domain/forest?

Thanks

Mike
0
 
LVL 2

Author Comment

by:David11011
ID: 39216831
Yes, it is my understanding that they were all logged into at one time. It is running is a 2000 functional level though we don't have any 2000 computers anymore.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 39216882
ok I asked because if it  was 2003 you could have used -llts to key of lastlogontimestamp.

Thanks

Mike
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article runs through the process of deploying a single EXE application selectively to a group of user.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question