Disable and removal of Computer accounts

dannytveria 

I wrote a quick script to do what you need, but please note

this script will REMOVE, and DISABLE adcomputer account, test it first and make sure its doing the result you need before applying it to production..

So what you need to change only is the last line, 

Get-BadPC -Days 180 -Action Disable

Days= what ever number of day

and action if you want to delete or disable.

function Get-BadPC{
param(
[parameter(mandatory=$true)]$Days,
[parameter(mandatory=$true)]
[ValidateSet('Delete','Disable')]$Action
)
$InactiveDate = (Get-Date).Adddays(-($Days))
$Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=Test ,DC=local" | Where-Object {($_.distinguishedname -notlike "*,OU=Servers,*") -or ($_.distinguishedname -notlike "*,OU=Test,*") -or ($_.distinguishedname -notlike "*,OU=IT,*") -or ($_.distinguishedname -notlike "*,OU=Laptops,*") -or ($_.distinguishedname -notlike "*,CN=Computers,*")} 
$Computers_For_Action | Export-Csv "C:\Users\Administrator\Downloads\$($Action)-$((Get-Date).ToString('dd-MM-yyyy')).csv" -NoTypeInformation -Encoding UTF8

switch ($action){
Disable {$Computers_For_Action | Disable-ADAccount }
Delete {$Computers_For_Action | Remove-ADComputer -Confirm:$False }

}

}


Get-BadPC -Days 180 -Action Disable