Clearing old client pc's from active directory

How do i clear old client pc's from my SBS domain server active directory.I've cleared the cache in the dns but still this old pc names appear in active directory?
Who is Participating?
Lee W, MVPTechnology and Business Process AdvisorCommented:
You can use DSQUERY to determine which computers haven't reported to AD.

Run the following from the command line
dsquery computer -inactive 13
It should tell you which computers haven't reported in to the server in the last 3 months (13 weeks).

You can then delete those.

If you ever make a mistake, go to the computer, put it back into a workgroup and then rejoin the domain - that should put it back.
Joseph MoodyBlogger and wearer of all hats.Commented:
DNS and AD are separate. You will need to delete the AD accounts as well. You can use PowerShell to clean up old computer names:
Joseph MoodyBlogger and wearer of all hats.Commented:
Another popular tool is the OldCmp utility:
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

Did You remove old PC objects from AD?
You should remove old PC from AD and if nesesery clear dns (remove old pc entries)
Brian PiercePhotographerCommented:
Just delete the account from AD
Cris HannaCommented:
Let's keep in mind that this is SBS.  #1 rule with SBS is use the wizards
So open the SBS console and go to Network > Computers and then right click on the computer account and click on delete.
Will SzymkowskiSenior Solution ArchitectCommented:
My two cents...

You run into issues like this with orphaned DNS records computer objects etc when computers are not removed properly from the domain.

When you remove a PC from the domain the correct way to do this is from the Advanced System Properties on the machine and moving it to a workgroup.

When you follow this process 2 things happen, the AD Computer Account goes into a Disabled State, and then communicates this change to DNS which then automatically removes the DNS records that are associated with this computer object because it is no longer on the domain.

There are always situations where you cannot remove a PC from the domain like I have described above but this is the most preferred/automated method to ensure that the computer accounts are cleaned up in all locations.

If you simply format the PC, delete or disable the AD computer object, the DNS entry will remain in DNS until you manually remove it.

As stated when you remove a PC from the domain using the workgroup method it puts the AD Account in a Disabled state, so the computer object is not removed from AD so if you want to remove it you will need to do this as well. The process simple illustrates how to do this and also remove the DNS entry at the same time.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.