nav2567
asked on
Query inactive computers in AD.
I use the below script to get list of inactive computers in my AD.
import-module activedirectory
$domain = "DC=mydomain,DC=com"
$DaysInactive = 180
$time = (Get-Date).Adddays(-($Days Inactive))
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties LastLogonTimeStamp |
select-object dnshostname,@{Name="Stamp" ; Expression={[DateTime]::Fr omFileTime ($_.lastLo gonTimesta mp)}} | export-csv "C:\results.csv" -notypeinformation
The result files looks like this:
"dnshostname","Stamp"
"computer 1.mydomain.com","6/8/2016 8:06:02 AM"
"computer 10.mydomain.com","6/16/201 6 5:34:00 AM"
....
Is there a way just to display the host names only instead of showing the FQDN?
"dnshostname","Stamp"
"computer 1","6/8/2016 8:06:02 AM"
"computer 10","6/16/2016 5:34:00 AM"
......
Thanks,
import-module activedirectory
$domain = "DC=mydomain,DC=com"
$DaysInactive = 180
$time = (Get-Date).Adddays(-($Days
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties LastLogonTimeStamp |
select-object dnshostname,@{Name="Stamp"
The result files looks like this:
"dnshostname","Stamp"
"computer 1.mydomain.com","6/8/2016 8:06:02 AM"
"computer 10.mydomain.com","6/16/201
....
Is there a way just to display the host names only instead of showing the FQDN?
"dnshostname","Stamp"
"computer 1","6/8/2016 8:06:02 AM"
"computer 10","6/16/2016 5:34:00 AM"
......
Thanks,
use CN
Also the attribute NAME would work
select-object NAME,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}}
ASKER
Thank you.
Would you advise if returning the distinguished names of the inactive computers is possible?
Would you advise if returning the distinguished names of the inactive computers is possible?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Does the script above gather the lastLogonTimestamp from all Domain controllers or just one ?
The information is replicated between domain controllers. So typically this is run against just one domain controller (technically speaking the script could query more than one dc).
How large is your environment? Thousands of users? How many sites and domain controllers?
How large is your environment? Thousands of users? How many sites and domain controllers?
KB:
I've got 14 AD domain controllers that also runs Global Catalog spread across 7 AD sites (2 AD/DC each).
a total of 10k users
I've got 14 AD domain controllers that also runs Global Catalog spread across 7 AD sites (2 AD/DC each).
a total of 10k users
if the level of accuracy needs to be extremely high, then I might have the script force replication prior to running (or you could manually force replication).
Great,
So I will run the PowerShell script that you've suggested as above plus this one line at the top before query:
is that correct ?
So I will run the PowerShell script that you've suggested as above plus this one line at the top before query:
repadmin /syncall /AdePq
is that correct ?
Plus the time that it takes for the replication to complete.
Great.
Many thanks KB for the sharing and the follow-up to this request.
your contribution is very useful for us all here learning to understand this issue.
Many thanks KB for the sharing and the follow-up to this request.
your contribution is very useful for us all here learning to understand this issue.