We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now

x

want to delete users with never logged in status using Solar Winds Inactive user account removal tool

Medium Priority
449 Views
Last Modified: 2018-03-09
Downloaded Solar Winds inactive user account removal tool and ran it on my Windows 2008 Server.  On the last logon column, it shows the entry of "Never Logged in"  Does this mean I can remove all of these users that say this?  I ran this as "inactive since 1/1/2017
Comment
Watch Question

Kevin StanushApplication Developer

Commented:
Never remove accounts without first disabling them first.  If you want, move them into a special "Inactive Accounts" OU, then after a good quarantee period, delete them.  

Its going to be impossible for someone to say what this tool does unless they too have used it.  If it looks at the AD attribute 'LastLogonTimeStamp' which it probably does, then its just showing you the value of this attribute in the directory.  'Never Logged On' just means this attribute is not set/present.  

Here is more reading on this attribute:

https://blogs.technet.microsoft.com/askds/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works/
Shaun VermaakSenior Consultant
CERTIFIED EXPERT
Awarded 2017
Distinguished Expert 2019

Commented:
You could use my ADCleanup tool which first disables object for a period before automatically deleting them. Also, if you have 2008 R2 or when you eventually upgrade, enable AD recycle bin
https://www.experts-exchange.com/articles/30820/Active-Directory-Cleanup-Tool-ADCleanup.html
Powershell to find inactive, disable and move disabled Active Directory Users and Computers to New OU:
http://expert-advice.org/active-directory/powershell-to-find-inactive-ad-users-and-computers-accounts/

How to Manage Inactive User and Computer Accounts in Active Directory:
https://www.lepide.com/how-to/manage-inactive-accounts-in-active-directory.html

You may also get help from this AD Cleanup solution to manage inactive user accounts and either move them to another OU, reset their passwords, disable them or just delete them all together.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
If you need to remove inactive AD accounts, here's a complete PowerShell solution that you can use. Don't forget to test in in a lab environment first though: https://www.adaxes.com/blog/cleanup-active-directory-with-powershell.html
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.