?
Solved

Need to remove dormant computer accounts from active directory.  What's a good (paid or free) solution?

Posted on 2014-09-03
3
Medium Priority
?
455 Views
Last Modified: 2014-09-04
Need to remove dormant computer accounts from active directory.  What's a good (paid or free) solution?  

Also, does anyone know the default setting (in days) in which a computer account's status changes and must be re-added to the domain?  Thanks.
0
Comment
Question by:LB1234
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 14

Accepted Solution

by:
Brad Groux earned 1600 total points
ID: 40301143
The term you are looking for is "stale," specifically stale computer objects. This TechNet blog post takes you through all of the steps - http://blogs.technet.com/b/ken_brumfield/archive/2008/09/16/identifying-stale-user-and-computer-accounts.aspx

Here is a script to find stale computer objects in Active Directory - http://gallery.technet.microsoft.com/scriptcenter/7bc5bc1c-e934-4ce1-8a77-3b0105807402

Here's one that utilizes Quest's free tools - http://gallery.technet.microsoft.com/Active-Directory-Stale-f775cc22

If a machine is offline more than 30 days it may become stale. Best practice is generally to query machines who have been offline for 90+ days. Stale machines won't be kicked from the domain, if they are plugged in or attached to the domain at any time they can log back in... thus, it is a good idea to clean out stale objects from time to time.

This blog post shows you how you can send out an automated email with stale accounts - http://pipe2text.com/?page_id=121
0
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 400 total points
ID: 40301150
Brad pretty much got you covered. If you prefer safety, you can disable the stale objects and move them to a dedicated OU. After a certain period, you can delete those objects.

http://deployhappiness.com/managing-stale-computers-and-users/
0
 
LVL 1

Author Closing Comment

by:LB1234
ID: 40303295
I wound up using AD Manager Plus from Manage Engine, but thanks!
0

Featured Post

ATEN's HDBaseT Presentation at InfoComm 2017

Hear ATEN Product Manager YT Liang review HDBaseT technology, highlighting ATEN’s latest solutions as they relate to real-world applications during her presentation at the HDBaseT booth at InfoComm 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here's a look at newsworthy articles and community happenings during the last month.
In this modest contribution, I want to share with the IT community (especially system administrators, IT Support Engineers and IT Help Desks) about Windows crashes/hangs and how to deal with these particular problems.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question