Cleanup Inactive AD Accounts w/ PowerShell Pt 3: Splatting, Where-Object, Move-ADObject

Показать описание

In the previous two videos, I made a simple script that finds and disables all computers in an OU that have not had any users logon to them in the past 45 days and updated the AD description to include the disabled date.
In this video, I'm going to further expand the script by moving the disabled computers to another OU for inactive computers and then removing the ones from that Inactive OU that haven't had any users logon in the past 90 days.
In the process, I'll show you how to use Splatting for easier parameter input, the Where-Object command to filter output, and a couple other basic commands to manage Active Directory objects.

Chapters:
0:00 Intro & Script Demo
0:43 Script Changes
1:12 Splatting
2:52 Remove-ADComputer
3:56 Where-Object
5:20 Move-ADObject
5:44 Script Demo & Conclusion

Write-Up:

Carl Hill IT

Рекомендации по теме

Комментарии

Love you videos already. Is there a way to filter out Admin accounts in this search?

joshua

Good video. It's short and to the point. I do have a couple suggestions.

Since the AD Recycle Bin is a feature that needs to be enabled, I would suggest including a statement about that. Apologies if you've covered that in a previous part. Someone could execute the code assuming they could restore and find themselves without the capability.

Additionally, the attribute Protect from Accidental Deletion could prevent a computer object from being moved or deleted. And if the computer happens to have Microsoft Message Queue (MSMQ) installed, the configuration is stored in a leaf object on the computer object. This would also percent it from being deleted as you would need to remove the MSMQ leaf first.

I realize the latter topic is fairly advanced, but it's a possibility that an AD admin could run into.

Keep up the good work. I think your approach to breaking down a script into small videos like these can help many.

davecarroll

Cleanup Inactive AD Accounts w/ PowerShell Pt 3: Splatting, Where-Object, Move-ADObject

Cleanup Inactive AD Accounts w/ PowerShell Pt 1: New-Timespan, Search-ADAccount, Disable-ADAccount

Cleanup Inactive AD Accounts w/ PowerShell Pt 3: Splatting, Where-Object, Move-ADObject

Cleanup Inactive AD Accounts w/ PowerShell Pt 2: Get-Date, ForEach-Object

How to Get Disabled Users with or without PowerShell

Move Disabled users in disabled OU with email alert PowerShell script

Automate Customer Database Cleanup with 'Auto Inactive Customer Deletion' Module | OpenCar...

Move Disabled computers in OU with powershell | Move all disabled computers in disabled computers OU

How to Get a List of Inactive Local Windows Accounts with Corner Bowl Server Manager

How To Unban Instagram Account From Permanently Disabled [WITH IN 1 MINUTE IN 2024]

My New Runescape Account Can Only See Ads

monday com hack: Cleaning up inactive boards with the Content Directory

Problems With Restricted Facebook Ads & Disabled Facebook Ad Account?

Azure AD Disabled Users with Assigned Licenses Report

Sharepoint: Archive fails for list items with inactive user(Those are disabled in AD )

Merge Your Inactive LinkedIn Accounts with Ease

Does Google Delete Inactive Accounts? - SearchEnginesHub.com

#Honda Odyssey has modified disabled seats for people with limited mobility, creating accessible

Identify inactive admins in Entra ID with the Access Review feature and delete the role assignments

Salesforce: How to find and remove data records associated with an inactive approval process?

start visual studio code with disabled extensions

Increase Your Success with #emailautomation Remove Inactive Users

How to disabled button with using setInterval In javaScript #shortsfeed #shorts #short #shortvideo

2008 Toyota camry with blown headgasket Removed sparkplugs and disabled fuel pump and water shot out

Removing Inactive Friends With Prospect Remover