User Tools
networking:windows:active_directory:stale_computer_accts
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
networking:windows:active_directory:stale_computer_accts [2015/09/10 11:37] gcooper created |
networking:windows:active_directory:stale_computer_accts [2022/10/12 09:34] (current) gcooper |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Find Stale Active Directory Computer Accounts ====== | ====== Find Stale Active Directory Computer Accounts ====== | ||
| + | |||
| + | |||
| + | ===== Not Logged in Recently ===== | ||
| This command will show computer accounts that have not logged in recently. | This command will show computer accounts that have not logged in recently. | ||
| Line 8: | Line 11: | ||
| 24 is the number of weeks of inactivity. | 24 is the number of weeks of inactivity. | ||
| + | |||
| + | ===== Find Old Unused AD Computer Accounts ===== | ||
| + | |||
| + | ^Last logon time | ||
| + | ^Computer password age |Active Directory computers have an attribute called '' | ||
| + | |||
| + | These two commands are mostly complementary and can help identify old or inactive computer accounts for computers that no longer exist. | ||
| + | |||
| + | < | ||
| + | get-adcomputer -filter * -properties passwordlastset | select name, passwordlastset | sort passwordlastset | ||
| + | </ | ||
| + | |||
| + | < | ||
| + | get-adcomputer -filter * -properties lastLogonTimestamp | select name, lastLogonTimestamp | sort lastLogonTimestamp | ||
| + | </ | ||
| + | | ||
| + | | ||
networking/windows/active_directory/stale_computer_accts.1441906640.txt.gz · Last modified: 2015/09/10 11:37 by gcooper
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
