Check Active Directory for Stale Computers

Code Monkey 0 August 24, 2018 3:39 am 1971

Several times I have need to generate a list of computers that are identified as stale, but as an extra measure I want to try pinging them. This s

Testing SSL and TLS with PowerShell

Create Local Administrator Account Remotely

Changing PWDLASTSET in Active Directory

Several times I have need to generate a list of computers that are identified as stale, but as an extra measure I want to try pinging them. This snippet will do just that.

Green – Not Stale and Online
Yellow – Stale but Online (these could be troublesome computers)
Red – Stale and Offline (these most likely can be removed from Active Directory)

# This uses the PasswordLastSet property to determine if the account is stale, it is set to 90 days however you can change it to what you need. Ping is set to 1 with smaller buffer.

Import-Module active*
$rtn = $null
Get-ADComputer -Filter * -properties * |
ForEach-Object {
$rtn = Test-Connection -CN $_.dnshostname -Count 1 -BufferSize 16 -Quiet
IF($rtn -match ‘True’) {write-host -ForegroundColor green $_.dnshostname}
ELSE {
$date = [DateTime]::Today.AddDays(-90)
If ($_.PasswordLastSet -le $date)  {
Write-host -ForegroundColor red $_.dnshostname ” ” $_.PasswordLastSet ” Stale/Offline” }
else  {
Write-host -ForegroundColor yellow $_.dnshostname ” ” $_.PasswordLastSet ” Offline”  }}}

Post Views: 2,029

PowerShell Snippets 9 Scripts 6 Staff Picks 4 System Administration 5

AUTHOR: Code Monkey

I am the original "CodeMonkey", founder, CISSP and a Sr. System Administrator with over 31 years experience. I specialize in PowerShell Scripting and Virtualization. I hope that everyone will enjoy the site and contribute to make this a great resource for everyone! Author of "PowerShell Studio - A Comprehensive Guide"

COMMENTS

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2018. TheCodeAsylum. All rights reserved.