Forum Discussion
Disable and removal of Computer accounts
The point of creating a function is to reduce code duplication, plus it provides better control of the business requirement.
the only change you need to do is add 1 extra line as RGijsbersRademakers say
Get-BadPC -Days 180 -Action Disable
Get-BadPC -Days 365 -Action Delete
Thanks
function Get-BadPC{
param(
[parameter(mandatory=$true)]$Days,
[parameter(mandatory=$true)]
[ValidateSet('Delete','Disable')]$Action )
$InactiveDate = (Get-Date).Adddays(-($Days))
$Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=Test ,DC=local" | Where-Object {($_.distinguishedname -notlike "*,OU=Servers,*") -or ($_.distinguishedname -notlike "*,OU=Test,*") -or ($_.distinguishedname -notlike "*,OU=IT,*") -or ($_.distinguishedname -notlike "*,OU=Laptops,*") -or ($_.distinguishedname -notlike "*,CN=Computers,*")} | Select-Object Name, LastLogonDate, Enabled, DistinguishedName
$Computers_For_Action | Export-Csv "C:\Users\Administrator\Desktop\$($Action)-$((Get-Date).ToString('dd-MM-yyyy')).csv" -NoTypeInformation -Encoding UTF8
switch ($action){
Disable {$Computers_For_Action | Disable-ADAccount }
Delete {$Computers_For_Action | Remove-ADComputer -Confirm:$False }
}
}
Get-BadPC -Days 180 -Action Disable
Get-BadPC -Days 356 -Action DeleteThis is my script and i get the next error
Disable-ADAccount : The input object cannot be bound to any parameters for the command either because the command does not take pipel
ine input or the input and its properties do not match any of the parameters that take pipeline input.
Hi Faris how r u?
I found a problem with the report CSV.
I see in the report always the computer that already disabled.
Is there any way to change the script that will report only the computer account he found every morning?
- First of all thanks a lot Faris.
Yes, I remember you told me to remove and I actually removed this raw after the pipeline but still has not worked.
Now it`s working well
Again Thanks a lot
Stay health In the original script, I posted there was no Select-Object at the end of the filter.
This is what is causing the issue.
Please remove the select Object$Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=Test ,DC=local" | Where-Object {($_.distinguishedname -notlike "*,OU=Servers,*") -and ($_.distinguishedname -notlike "*,OU=Test,*") -and ($_.distinguishedname -notlike "*,OU=IT,*") -and ($_.distinguishedname -notlike "*,OU=Laptops,*") -and ($_.distinguishedname -notlike "*,CN=Computers,*")}
Spoiler|Select-Object Name, LastLogonDate, Enabled, DistinguishedNamefunction Get-BadPC{ param( [parameter(mandatory=$true)]$Days, [parameter(mandatory=$true)] [ValidateSet('Delete','Disable')]$Action ) $InactiveDate = (Get-Date).Adddays(-($Days)) $Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=Test ,DC=local" | Where-Object {($_.distinguishedname -notlike "*,OU=Servers,*") -and ($_.distinguishedname -notlike "*,OU=Test,*") -and ($_.distinguishedname -notlike "*,OU=IT,*") -and ($_.distinguishedname -notlike "*,OU=Laptops,*") -and ($_.distinguishedname -notlike "*,CN=Computers,*")} | Select-Object Name, LastLogonDate, Enabled, DistinguishedName $Computers_For_Action | Export-Csv "C:\Users\Administrator\Desktop\$($Action)-$((Get-Date).ToString('dd-MM-yyyy')).csv" -NoTypeInformation -Encoding UTF8 switch ($action){ Disable {$Computers_For_Action | Disable-ADAccount } Delete {$Computers_For_Action | Remove-ADComputer -Confirm:$False } } } Get-BadPC -Days 180 -Action Disable Get-BadPC -Days 356 -Action Deletesure
Thanks
- would you please show me the code again with the filter.
I try it on my side and its working fine. - replace the -or with -and in the
Yes, I ran only the last script you shared with me.
I got a computer account that I need to disable and also computer accounts that not needed to disable.
- What is the output of the last script, are you able to get the result ?
- I didn`t understand why the script not working.
as I posted earlier dannytveria Hi
Yes, this is expected if the number of computer object returned is zero.
You can see the result by running the query it self
$InactiveDate = (Get-Date).Adddays(-($Days)) $Computers_For_Action = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly -SearchBase "DC=Test ,DC=local" | Where-Object {($_.distinguishedname -notlike "*,OU=Servers,*") -or ($_.distinguishedname -notlike "*,OU=Test,*") -or ($_.distinguishedname -notlike "*,OU=IT,*") -or ($_.distinguishedname -notlike "*,OU=Laptops,*") -or ($_.distinguishedname -notlike "*,CN=Computers,*")} | Select-Object Name, LastLogonDate, Enabled, DistinguishedName Write-Host "The Number of hosts in your search is " -NoNewline Write-Host "$($Computers_For_Action.count)" -ForegroundColor Green
