General discussion

Locked

Old computer objects in AD

By philiprickard ·
I need to give an accurate count of live computers (servers included) to the director. Does anyone know of a way to age/scavenge old computer objects from Active Directory so it only leaves me with live computer objects. (I know this can be done in DNS but I'm looking for AD.)

Many thanks

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by sgt_shultz In reply to Old computer objects in A ...

did you see this:
How to search for deleted objects in Active Directory
http://support.microsoft.com/kb/284928/en-us

Collapse -

by jacobgin1 In reply to Old computer objects in A ...

The AD will not show u the exact count of computers as most Administrators just remove a pc from the network without removing from the domain first. Hence this removed omputer will still stay in AD. So i would say to check the DNS or use any 3rd party tools for network management.

Collapse -

by lowlands In reply to Old computer objects in A ...

Computer accounts in AD by default reset their password every thirty days. So any computer account in AD with a password age over 30 days is either gone, has not been rebooted or logged in to. Run "dsquery computer domainroot -inactive x (where x is in weeks). I disable (use dsmod) computer accounts that have been inactive for 13 weeks, delete (use dsrm) them at 20 weeks of inactivity.

Back to Networks Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums