RE: [ActiveDir] Cleaning out old machine accounts

Fri, 04 Oct 2002 09:32:18 -0700 

Attached is a Perl script I wrote a while back to manage inactive computer
objects.  It does the following:

* Iterate through each domain controller for a domain (uses Net::DNS)
* Find all disabled computer accounts (via userAccountControl)
* Find all inactive computer accounts (via pwdLastSet)
* Deletes the disabled computer accounts
* Disables the inactive computer accounts

In a nut shell, the script will disable any inactive computers it finds, and
then in the next invocation of the script, it will delete the disabled
computer accounts.  The script is meant to be run on a weekly or monthly
basis.  You can customize it to find inactive computers x number of months
old.

You could modify the script to directly delete the inactive computer
accounts, but when dealing with 60,000 computer objects, I'm a little
paranoid :-)

Robbie Allen


> "Burns, Clyde" <[EMAIL PROTECTED]>
> Sent by: [EMAIL PROTECTED]
> 03/10/2002 20:28
> Please respond to ActiveDir
> 
>  
>         To:     "'[EMAIL PROTECTED]'" 
> <[EMAIL PROTECTED]>
>         cc: 
>         Subject:        RE: [ActiveDir] Cleaning out old 
> machine accounts
> 
> 
> I used this back in NT4 days. It might be worth your time to 
> take a look 
> and
> see if will work in an AD environment.
> 
http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q197478&;

-----Original Message-----
From: Jason Benway [mailto:[EMAIL PROTECTED]]
Sent: Thursday, October 03, 2002 11:36 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Cleaning out old machine accounts


Our AD was upgraded from a NT domain. We have a bunch of old machine
accounts. What is the best method to tell if a machine no longer exists or
hasn't connected to the network?

Thanks,jb

-------------------------- 
Jason Benway
[EMAIL PROTECTED]
1250 S.Beechtree
Grand Haven, MI 49417
616-847-8474
Fax: 616-850-1208 
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/



List info   : http://www.activedir.org/mail_list.htm
List FAQ    : http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Attachment: inactive_computers.pl
Description: Binary data

Attachment: inactive_computers.pl
Description: Binary data

Reply via email to