stai leggendo...

Cleaning up my AD

fare pulizia in active directory con powershell… (ATTENZIONE)

Richard Siddaway's Blog


I decided it was time to clean some of the rubbish out of my test AD.  I’ll be upgrading to Windows Server 2012 R2 next month so a bi tof a clean up now is a good idea.

I decided to start with the computer objects.  I’ve created & deleted quite a few virtual machines over the years so there’s a good chance of finding something to remove.  Computes in an AD domain have a secure channel to the domain controller to which they authenticate on startup. The password on this channel is reset automatically every 30 days. Any machines that haven’t reset their password in a while a probably good candidtes for removal:

Get-ADComputer -Filter * -Properties PasswordLastSet |
select Name, PasswordLastSet |
sort PasswordLastSet

That shows me a few machines to remove. Anything that hasn’t reset its password for 12 months is fair game.

$date = (Get-Date).AddYears(-1)

View original post 252 altre parole



Non c'è ancora nessun commento.


Inserisci i tuoi dati qui sotto o clicca su un'icona per effettuare l'accesso:

Logo WordPress.com

Stai commentando usando il tuo account WordPress.com. Chiudi sessione /  Modifica )

Google+ photo

Stai commentando usando il tuo account Google+. Chiudi sessione /  Modifica )

Foto Twitter

Stai commentando usando il tuo account Twitter. Chiudi sessione /  Modifica )

Foto di Facebook

Stai commentando usando il tuo account Facebook. Chiudi sessione /  Modifica )


Connessione a %s...

%d blogger hanno fatto clic su Mi Piace per questo: