fare pulizia in active directory con powershell… (ATTENZIONE)
I decided it was time to clean some of the rubbish out of my test AD. I’ll be upgrading to Windows Server 2012 R2 next month so a bi tof a clean up now is a good idea.
I decided to start with the computer objects. I’ve created & deleted quite a few virtual machines over the years so there’s a good chance of finding something to remove. Computes in an AD domain have a secure channel to the domain controller to which they authenticate on startup. The password on this channel is reset automatically every 30 days. Any machines that haven’t reset their password in a while a probably good candidtes for removal:
Get-ADComputer -Filter * -Properties PasswordLastSet |
select Name, PasswordLastSet |
That shows me a few machines to remove. Anything that hasn’t reset its password for 12 months is fair game.
$date = (Get-Date).AddYears(-1)
View original post 252 altre parole