RE: [ActiveDir] Cleaning out old machine accounts
I did this a while back with some perl that looped round and pinged all the machine accounts in a domain, logging whether they were up or not. I probably still have the code lying around, but it would need to be modified to your needs. Contact me off list if you are interested... Cheers, Paul Burns, Clyde [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 03/10/2002 20:28 Please respond to ActiveDir To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] cc: Subject:RE: [ActiveDir] Cleaning out old machine accounts I used this back in NT4 days. It might be worth your time to take a look and see if will work in an AD environment. http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q197478; -Original Message- From: Jason Benway [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 11:36 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Cleaning out old machine accounts Our AD was upgraded from a NT domain. We have a bunch of old machine accounts. What is the best method to tell if a machine no longer exists or hasn't connected to the network? Thanks,jb -- Jason Benway [EMAIL PROTECTED] 1250 S.Beechtree Grand Haven, MI 49417 616-847-8474 Fax: 616-850-1208 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Cleaning out old machine accounts
ADMT can report on machines with expired passwords. HTH dave -Original Message- From: Jason Benway [mailto:[EMAIL PROTECTED]] Sent: 03 October 2002 16:36 To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Cleaning out old machine accounts Our AD was upgraded from a NT domain. We have a bunch of old machine accounts. What is the best method to tell if a machine no longer exists or hasn't connected to the network? Thanks,jb -- Jason Benway [EMAIL PROTECTED] 1250 S.Beechtree Grand Haven, MI 49417 616-847-8474 Fax: 616-850-1208 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Cleaning out old machine accounts
Attached is a Perl script I wrote a while back to manage inactive computer objects. It does the following: * Iterate through each domain controller for a domain (uses Net::DNS) * Find all disabled computer accounts (via userAccountControl) * Find all inactive computer accounts (via pwdLastSet) * Deletes the disabled computer accounts * Disables the inactive computer accounts In a nut shell, the script will disable any inactive computers it finds, and then in the next invocation of the script, it will delete the disabled computer accounts. The script is meant to be run on a weekly or monthly basis. You can customize it to find inactive computers x number of months old. You could modify the script to directly delete the inactive computer accounts, but when dealing with 60,000 computer objects, I'm a little paranoid :-) Robbie Allen Burns, Clyde [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 03/10/2002 20:28 Please respond to ActiveDir To: '[EMAIL PROTECTED]' [EMAIL PROTECTED] cc: Subject:RE: [ActiveDir] Cleaning out old machine accounts I used this back in NT4 days. It might be worth your time to take a look and see if will work in an AD environment. http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q197478; -Original Message- From: Jason Benway [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 11:36 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Cleaning out old machine accounts Our AD was upgraded from a NT domain. We have a bunch of old machine accounts. What is the best method to tell if a machine no longer exists or hasn't connected to the network? Thanks,jb -- Jason Benway [EMAIL PROTECTED] 1250 S.Beechtree Grand Haven, MI 49417 616-847-8474 Fax: 616-850-1208 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ inactive_computers.pl Description: Binary data inactive_computers.pl Description: Binary data
RE: [ActiveDir] Cleaning out old machine accounts
I used this back in NT4 days. It might be worth your time to take a look and see if will work in an AD environment. http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q197478; -Original Message- From: Jason Benway [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 03, 2002 11:36 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Cleaning out old machine accounts Our AD was upgraded from a NT domain. We have a bunch of old machine accounts. What is the best method to tell if a machine no longer exists or hasn't connected to the network? Thanks,jb -- Jason Benway [EMAIL PROTECTED] 1250 S.Beechtree Grand Haven, MI 49417 616-847-8474 Fax: 616-850-1208 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
