Using PowerShell to find dead computers in Active Directory (AD)

 Nov 04, 2016

Teaching a System Center Configuration Manager class a couple of weeks ago, I was asked if there was a PowerShell command to find dead or stale computers in Active Directory.

Often computers are removed from a domain and rejoined after a new build with a new name, new operating system, etc., and cleaning the old account out of AD is missed. In general, a computer resets its computer account password every 30 days, so if this has not happened for a period such as 90 to 120 days, we can use the steps below in PowerShell to find the dead/stale computers.

  1. Ensure the Active Directory module for PowerShell is installed; if not, in the PowerShell command shell run Import-Module ActiveDirectory
  2. Create Variable below
  3. Run the command below

This will produce output with the following information for each computer:

  • DistinguishedName
  • DNSHostName
  • Enabled
  • Name
  • ObjectClass
  • ObjectGUID
  • PasswordLastSet
  • SamAccountName
  • SID

This output can then be used to delete or remove the offending machines.
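
One way to carry out the variable and command steps described above, as an added example that is not the original post's code. The 90-day cutoff, the variable names, the PasswordAgeDays column and the CSV file name are assumptions chosen for illustration.

```powershell
# Added example (not from the original post): list computer accounts whose
# machine account password has not been reset within the chosen period.
Import-Module ActiveDirectory

# The variable: a cutoff date. Assumption: 90 days, the lower end of the
# 90 to 120 day range discussed in the text.
$StaleDays = 90
$Cutoff    = (Get-Date).AddDays(-$StaleDays)

# The command: PasswordLastSet is not returned by default, so request it.
# The AD module resolves $Cutoff inside the filter string.
$Stale = Get-ADComputer -Filter 'PasswordLastSet -lt $Cutoff' -Properties PasswordLastSet

# Write a review list, oldest first, with the password age in days
# (PasswordAgeDays is a hypothetical column name added for readability).
$Stale |
    Sort-Object PasswordLastSet |
    Select-Object Name, DNSHostName, Enabled, PasswordLastSet,
        @{ Name = 'PasswordAgeDays'
           Expression = { if ($_.PasswordLastSet) { [int]((Get-Date) - $_.PasswordLastSet).TotalDays } } },
        DistinguishedName |
    Export-Csv -Path .\stale-computers.csv -NoTypeInformation

# Dry run only: -WhatIf reports which enabled accounts would be disabled
# without changing anything in the directory.
$Stale | Where-Object Enabled | Disable-ADAccount -WhatIf
```

Check the exported list before changing anything; Remove-ADComputer accepts the same -WhatIf switch for previewing a deletion.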


About the Author:

Steve Wiggins  

Steve is a highly experienced technical trainer with over 10 years of specialisation in Software Application Development, Project Management, VBA Solutions and Desktop Applications training. His practical experience in .NET programming, advanced solution development and project management enables him to train clients at all levels of seniority and experience. Steve also currently manages the IT infrastructure for New Horizons of Brisbane, providing him with daily hands-on experience with SCCM, Windows Server 2012 and Windows 8.
