Remove/Disable computer accounts

All replies

• 

  

  0

  Sign in to vote

  Your best bet would be to continue using oldcmp...

  Be aware of caveats in regard to computer accounts though (clustered virtual servers or VPN connected computers) - more at http://blog.joeware.net/2007/05/01/864/

  hth
  Marcin

  • Marked as answer by Bruce-Liu Thursday, October 7, 2010 12:42 PM

  Monday, September 27, 2010 1:04 PM
• 

  

  0

  Sign in to vote

  "the following command will find all computers in Active Directory that have not been logged into during the past 8 weeks:
  
  dsquery computer -inactive 8 -limit 0
  
  After reviewing this list to make sure these computers no longer exist on your network you can use the following command to find and delete them:
  
  dsquery computer -inactive 8 -limit 0 | dsrm

  "

  http://www.windowsnetworking.com/kbase/WindowsTips/Windows2003/AdminTips/Admin/PruningOldComputerAccountsinAD.html

  http://technet.microsoft.com/en-us/library/cc732952(WS.10).aspx

  Monday, September 27, 2010 1:08 PM
• 

  

  0

  Sign in to vote

  You can use the following option also:

   

  http://portal.sivarajan.com/2010/03/delete-stale-or-inactive-computer.html

   

  dsquery computer –inactive 2 | dsrm -noprompt
  dsquery computer –disabled | dsrm -noprompt

   

   

   

  "Biga_b" wrote in message news:575dca5e-308c-458d-b7db-3b3a522ebf2d...

  We are migrating Active Directory 2003 to 2008 R2. I think that in every AD enviroment after a while you will have a lot of computer account that can be deleted from AD.

  In the past i've used a tool OLDCMP from http://www.joeware.net/freetools/. It Works great.. Last time i used it was 2 years ago.. I don't know if i can use it in a 2008 AD enviroment. i don't know all the 2008 features, but is it possible to create a query in AD to select all computer accounts that not have logged on for, let's say 180 days?

  Thanx

   

  ---

  Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
  
  Blogs - http://blogs.sivarajan.com/
  Articles - http://www.sivarajan.com/publications.html
  Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara
  
  This posting is provided AS IS with no warranties, and confers no rights.

  Monday, September 27, 2010 2:23 PM
• 

  

  0

  Sign in to vote

  hmmm..I think i will continue using oldcmp. I like the option that i can disable and move the computer accounts to a OU, prior to deleting the them. Just to be sure i didn't move an account that is still active. And the fact that i can export it to html.

  Anyway , thanks.

  Monday, September 27, 2010 3:00 PM
• 

  

  0

  Sign in to vote

  Yes, i will still use oldcmp. dsquery is limited by comparison with oldcmp

  Tuesday, September 28, 2010 8:05 AM
• 

  

  0

  Sign in to vote

  Biga_b

   

  Dsquery is not Limited, Dsquery is also best tool.

  Tuesday, September 28, 2010 9:38 AM
• 

  

  0

  Sign in to vote

  I didn't mean to hurt nobody's feelings, :-). Dsquery looks like a cool tool, but never used it. Just looks like i can do a litlle bit extra with oldcmp, considering the parameters you can use. http://www.joeware.net/freetools/tools/oldcmp/usage.htm

  Thanx

  Tuesday, September 28, 2010 10:40 AM
• 

  

  0

  Sign in to vote

  Any update?  Please let us know if you need more info from our side.

  ---

  Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX
  
  Blogs - http://blogs.sivarajan.com/
  Articles - http://www.sivarajan.com/publications.html
  Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara
  
  This posting is provided AS IS with no warranties, and confers no rights.

  Saturday, October 2, 2010 2:43 PM
• 

  

  0

  Sign in to vote

  If you want an easy to use GUI tool rather than command line, I recently wrote an app (its completely free) to find unused computer and user accounts - you just configure your search (for example you could narrow it down to all computer accounts in a particular OU that have not logged on for 180 days) and then the app will query all DCs to find out the last logon time for each account that matches your search criteria. For any accounts that were found, you can perform any of the following actions: Disable, Delete, Move, Remove From Group, Add To Group, Remove From All Groups, Export To CSV, Set Description, Set Expiry Date, and a couple of others.

  If you like the sound of it you can find more info, screenshots, and a free download on my website here: http://www.cjwdev.co.uk/Software/ADTidy/Info.html

  I only released it about 4 weeks ago and so far over 1000 people have downloaded it and all of the feedback I've had has been very positive, so hopefully it is useful to you as well :)

  ---

  My website: www.cjwdev.co.uk My blog: cjwdev.wordpress.com

  • Proposed as answer by Syed Khairuddin Sunday, October 3, 2010 6:30 AM

  Saturday, October 2, 2010 10:26 PM
• 

  

  0

  Sign in to vote

  For some reason i didn't receive any mail alerts since my last post. Anyway, Chris this looks like a -must have- tool. I'll definitely have a testdrive.. I will compare it to oldcmp, what's also a powerfull tool. Thanx for posting such nice tool for free..

  Thanx

  Friday, October 8, 2010 2:43 PM
• 

  

  0

  Sign in to vote

  No worries, let me know if you have any feedback (good or bad) on it :)

  ---

  My website: www.cjwdev.co.uk My blog: cjwdev.wordpress.com

  Friday, October 8, 2010 5:04 PM