One simple alternative is netpwage.exe - google for it. You specify computers or users, and the number of days since last password change, and it'll give you a list of objects that are haven't changed their password in at least that long.
It's old, but still works just fine - though I've found that the objects it lists aren't always moribund. Kurt On Wed, Sep 3, 2008 at 8:44 AM, David Lum <[EMAIL PROTECTED]> wrote: > How do you guys with larger org's handle keeping AD tidy and not having a > bunch on non-existent system, user and group accounts? I work for a mid-size > org and am almost certainly the only Systems Engineer here who is willing to > take the time to try and maintain AD. If I do an AD query of systems with > "description has a value" I come up with 191 objects. A search of computers > with "description has a no value" comes up with 811, and since NWEA has ~250 > employees and 140-ish servers I'm pretty sure there is a ton of clutter in > there. Ferreting out the invalid desktops/laptops is the bigger issue of the > two. > > > > Suggestions? > > David Lum > SYSTEMS ENGINEER // NORTHWEST EVALUATION ASSOCIATION > [EMAIL PROTECTED] // 971.222.1025 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
