Lingering Objects and Powershell

Indie101
Indie101 used Ask the Experts™
on
Is there a way to find Lingering Objects in AD through Powershell commands on the DCs?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
RobertSystem Admin

Commented:
Not sure if I am understanding your question correclty or not but if you mean finding stale computer objects you could use get-adcomputer and use a filter based on last logon. (note the filter usea a date so you would need to get the date and subtract the number of days)

something like
 
$date = (Get-Date).Adddays(-(60))
Get-ADComputer -Filter {LastLogonTimeStamp -lt $date} 

Open in new window


I personally just use dsquery (you could call from within powershell if you want but just as easy to run from cmd).
dsquery computer DC=domain,DC=com -inactive 15 -limit 0 >> C:\inactivePC-15-weeks.txt

Open in new window


You can do either for users also.
Application Developer
Commented:
No, I don't believe there is a one-size-fits-all command to show lingering objects, but here is a good tech article that covers all of the bases, depending on what o/s version you have:

https://support.microsoft.com/en-us/help/910205/information-about-lingering-objects-in-a-windows-server-active-directo

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial