HI,
As you know my IT manager always keep me busy. These days we are cleaning our Active Directory. My Today's "Target of the Day" is to find all in-active computer accounts.
first i start thinking how to do it ? to use some filter in "Active Directory Computer and users" or i need to do something else. After few minutes of thinking i thoughts, why not try Powershell. :)
Let's Start.
Make sure you have "RSAT" installed on you laptop.
Now Import the Active Directory module.
Import-Module ActiveDirectory
..
ok, Module is imported,
we are going to use the Active Directory module cmdlet "Get-ADComputer"
"Get-ADComputer" has a property of Enabled which either is "false" or "True", the true means computer account is "enabled" and false means "Computer account is "disabled"
To find all the properties of a single computer account , use the below command.
Get-ADComputer R92DA6V -Properties *
Ok..not lets find all disabled/in-active computer accounts.
we are going to -filter to to find all inactive account and in Filter we are defining that show all computer who has the value of $false in the property Enabled.
Get-ADComputer -Filter "Enabled -eq '$false'"
all done ..but lets filter the output to show us only names.
Get-ADComputer -Filter "Enabled -eq '$false'" | Select Name
Ahh !! now it's look better...
Now i have the name of all inactive computer accounts in my AD.
Thanks for reading.
Thanks!
Aman Dhally
Sorry, but this is not 100% the truth.
ReplyDeleteWhat you see are Computer Objects that are enabled or disabled.
What you dont see are Computer Objects that are inactive , e.g since 3 months or so...
only wanted to be precise.