Forum Discussion
Solved
Disable \ Remove old computer accounts
Hi, I have a script for disabling & removing old computer accounts. Import-Module ActiveDirectory
# Set the Parameters since last logon
$ForDisable = "C:\Logs\Computers Accounts\Disable-$((Ge...
Ok , test it and let me know if this help:
$Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=staff ,DC=local" | Where-Object {($_.Enabled -eq $true) -and ($_.distinguishedname -notlike "*,OU=Servers,*") -and ($_.distinguishedname -notlike "*,OU=Test,*") -and ($_.distinguishedname -notlike "*,OU=IT,*") -and ($_.distinguishedname -notlike "*,OU=Laptops,*") -and ($_.distinguishedname -notlike "*,CN=Computers,*") -and ($_.distinguishedname -notlike "*,CN=Managed Service Accounts,*") }
Hi Aharon,
I didn't understand your all explain.
My final goal is to get a csv report with only the computer accounts that disabled or deleted on the same day.
Thanks
I didn't understand your all explain.
My final goal is to get a csv report with only the computer accounts that disabled or deleted on the same day.
Thanks
Hi,
If you don't specify that you want to deactivate only the computers that are currently active, then the csv file will still contain the computers that have already been deactivated, so you must specify that you want to deactivate only the active computers with the filter ($ _. Enabled -eq $true)
If you don't specify that you want to deactivate only the computers that are currently active, then the csv file will still contain the computers that have already been deactivated, so you must specify that you want to deactivate only the active computers with the filter ($ _. Enabled -eq $true)
- Thanks Aharon for your help
Ok , test it and let me know if this help:
$Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=staff ,DC=local" | Where-Object {($_.Enabled -eq $true) -and ($_.distinguishedname -notlike "*,OU=Servers,*") -and ($_.distinguishedname -notlike "*,OU=Test,*") -and ($_.distinguishedname -notlike "*,OU=IT,*") -and ($_.distinguishedname -notlike "*,OU=Laptops,*") -and ($_.distinguishedname -notlike "*,CN=Computers,*") -and ($_.distinguishedname -notlike "*,CN=Managed Service Accounts,*") }Get-BadPC -Days 180 -Action Disable Get-BadPC -Days 365 -Action Deletethis the parameters for inactive days
- If you restart the script just after then effectively the csv will be empty, so you will have to wait until the computers are new "old" for the script to return results. It will depend on your $InactiveDate filter
- So if I add the filter today, the next run of the script will be empty or only the disabled computers for today?