none
Deleting disabled computer accounts(from excel sheet) pulled from Active Directory

    Question

  • Hi Team,

    Kindly let us know the script to delete disabled computer objects from excel sheet.

    Paramesh.


    Paramesh KA

    Thursday, February 16, 2017 8:34 PM

All replies

  • Hi,

    You open Users and Comuters, and for each of the objects located in your excel sheet, that has the label Computer and Disabled, you search for it and right click it on delete it.

    On the other hand you could use a powershell script. But then more questions come:

    1: Why not just find all computer objects in Active Directory and delete them directly?

    2: If you have to do it from a specific sheet, it depeends on how its formated in that sheet, what you get out and what information.

    Usually it would be something like:

    $objects= Get-Content <Your File>

    $objDel = $objects | where-Object {$_.Disabled -eq $True}

    foreach ($obj in $objDel) {Remove-ADObject $obj}

    Thursday, February 16, 2017 8:46 PM
  • PowerShell - Clean up AD Computer Accounts:

    List all computer accounts in a domain

    Get-ADComputer –Filter {Name –Like "*"}

    View all computers that are logged in for 90 days to the Active Directory

    Search-ADaccount -AccountInactive -Timespan 90 -ComputersOnly

    OR

    $lastLogon = (get-date).adddays(-90).ToFileTime()
    Get-ADComputer -filter {lastLogonTimestamp -gt $lastLogon}

    Find and delete all disabled Computer accounts in Active Directory

    Search-ADAccount -AccountDisabled -ComputersOnly | Sort-Object | Remove-ADComputer

    Find and delete disabled computer accounts from a specific OU

    Search-ADAccount -AccountDisabled -Searchbase "OU=IT,DC=Contoso,DC=Com" -ComputersOnly | Sort-Object | Remove-ADComputer

    Export Computers List (Name, Operating System, Service Pack, Operating System version)to CSV File

    Get-ADComputer -Filter * -Property * | Select-Object Name,OperatingSystem,OperatingSystemServicePack,OperatingSystemVersion | Export-CSV AllWindows.csv -NoTypeInformation -Encoding UTF8

    https://social.technet.microsoft.com/wiki/contents/articles/5819.ad-powershell-for-active-directory-administrators.aspx

    https://community.spiceworks.com/how_to/125704-how-to-find-and-remove-stale-users-and-computers-in-active-directory

    https://trevorsullivan.wordpress.com/2009/09/19/powershell-clean-up-ad-computer-accounts/

    https://www.linkedin.com/pulse/cleaning-up-obsolete-user-computer-accounts-from-active-ajit-singh

    Thanks,

    Friday, February 17, 2017 6:57 AM
  • You may filter out the steps which you need this is complete steps from filtering till deletion:

    set the date to be used as a limit - in this example: 120 days earlier than the current date -> $old = (Get-Date).AddDays(-120)
    # get the list of computers with the date earlier than this date -> Get-QADComputer -IncludedProperties pwdLastSet -SizeLimit 0 | where { $_.pwdLastSet -le $old }
    # get a csv report -> Get-QADComputer -IncludedProperties pwdLastSet -SizeLimit 0 | where { $_.pwdLastSet -le $old } | select-object Name, ParentContainer, Description, pwdLastSet | export-csv c:\temp\outdated.csv
    # move such computers to another OU -> Get-QADComputer -IncludedProperties pwdLastSet -SizeLimit 0 | where { $_.pwdLastSet -le $old } | Move-QADObject -to my.corp/obsolete 

    # remove the computer records from AD (since this actually deletes the records, it would be preferable to run the command with -whatif switch before running without it) -> 
    Get-QADComputer -IncludedProperties pwdLastSet -SizeLimit 0 | where { $_.pwdLastSet -le $old } | Remove-QADObject -to my.corp/obsolete

    Friday, February 17, 2017 7:22 AM
  • Hi,

    Just checking in to see if the information provided was helpful. And if the replies as above are helpful, we would appreciate you to mark them as answers, please let us know if you would like further assistance.

    Best Regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, February 24, 2017 8:51 AM
    Moderator
  • If you have disabled computer list in excel and you are sure that they really are disabled, you can use below command

    Note: Save your excel as Csv file

    import-csv -path "C:\temp.csv" | foreach {remove-adcomputer -identity $_}

    Friday, February 24, 2017 9:04 AM