Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Cleaning up Active Directory?
- Thread starter ghost52
- Start date
- Thread starter
- #2
OK I am trying to use the dsquery computer, I am able to do a general "look up" on computer but when I add the "-inactive" switch I get an error. "Windows could not run this query because you are connected to a domain that does not support this query."
any thoughts?
any thoughts?
I ran into the same problem. I think it has to do with a mixed mode w2k/w2k3 enviro. But not sure.
However I found this:
Which will find old computers and can move them etc. Worth a look.
However I found this:
Which will find old computers and can move them etc. Worth a look.
Here's a tool that searches for old computers, but you have to buy it. It's called AD Janitor and you can find it here: [URL unfurl="true"]http://www.specopssoft.com/default.asp[/url]
You can do a much more extensive search for old users and computers simply by learning to write a couple of simple LDAP queries. See my LDAP query guide FAQ: faq774-5667
Here's how you would find computers that are very likely offline...
==========================
You can be pretty sure that a computer account is unused if the computer has not changed it's password in 120 days.
Open ADUC, right-click on "Saved Queries" and choose new.
Give the Query a name and click on "Define Query".
Select "Custom Search" from the Find combo box
On the Advanced tab insert a query something like this:
[blue](&(objectClass=computer)(pwdLastSet<=127473084000000000))[/blue]
This would list all computers that changed their password on or before 12/12/2005 @ 8:00AM UTC. (Which is about 120 days ago.)
Where I got the wierd long number above (127473084000000000) is documented in the FAQ. Its called an Integer8 date. Its the number of 100 nanosecond increments since 12:00AM 1/1/1601.
========================
This becomes really useful because you can export the lists that you create from ADUC to Tab Separated files that you can view and manipulate in Excel.
In addition, you can query specific information from AD and export it using CSVDE or LDIFDE.
PSC
Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --Mr. The Plague, from the movie "Hackers
You can do a much more extensive search for old users and computers simply by learning to write a couple of simple LDAP queries. See my LDAP query guide FAQ: faq774-5667
Here's how you would find computers that are very likely offline...
==========================
You can be pretty sure that a computer account is unused if the computer has not changed it's password in 120 days.
Open ADUC, right-click on "Saved Queries" and choose new.
Give the Query a name and click on "Define Query".
Select "Custom Search" from the Find combo box
On the Advanced tab insert a query something like this:
[blue](&(objectClass=computer)(pwdLastSet<=127473084000000000))[/blue]
This would list all computers that changed their password on or before 12/12/2005 @ 8:00AM UTC. (Which is about 120 days ago.)
Where I got the wierd long number above (127473084000000000) is documented in the FAQ. Its called an Integer8 date. Its the number of 100 nanosecond increments since 12:00AM 1/1/1601.
========================
This becomes really useful because you can export the lists that you create from ADUC to Tab Separated files that you can view and manipulate in Excel.
In addition, you can query specific information from AD and export it using CSVDE or LDIFDE.
PSC
Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --Mr. The Plague, from the movie "Hackers
- Status
Similar threads
- Locked
- Question
- Locked
- Question