As time goes by, on an Active Directory, it becomes inevitable to find yourself with parasitic computers and users objects. By parasites I mean the fact that they are no longer used in the company (computers and/or users physically destroyed, stolen, lost, gone etc…).
In this case it could be good to clean up our AD, but the question is : how to recover a list of computers and users that are no longer used in a AD domain?
The purpose of this article is to see how to obtain a list of computers and/or users that have not been connected to the domain for a predefined number of days using PowerShell.
First thing to know is how to get AD users or computers list.
PS C:\ > (Get-ADComputer -Filter '*').Name
PS C:\ > (Get-ADComputer -Filter 'Name -Like "PC*"').Name
PS C:\ > (Get-ADUser -Filter '*').SamAccountName
PS C:\ > $user = "e.cartman"
PS C:\ > Get-ADUser "$user" -Properties LastLogonTimeStamp
PS C:\ > [DateTime]::FromFileTime((Get-ADUser "$user" -Properties LastLogonTimeStamp).LastLogonTimeStamp)
We now have everything we need to list our computers or users.
PS C:\ > $days = 120
PS C:\ > Get-ADComputer -Filter '*' -Properties LastLogonTimeStamp | where { ($(Get-Date)-[DateTime]::FromFileTime($_.LastLogonTimeStamp)).Days -gt $days } | Select-Object Name
PS C:\ > $days = 120
PS C:\ > Get-ADUser -Filter '*' -Properties LastLogonTimeStamp | where { ($(Get-Date)-[DateTime]::FromFileTime($_.LastLogonTimeStamp)).Days -gt $days } | Select-Object Name
Contact :