I was trying to get a list of Active Computers on our Network. A DSQuery can give me a list of all computer , and I tried to get an inactive list for 4 weeks and subtract the value , however the Inactive List was not that acurate.
Instead I wanted to Query the PwdLastSet to
I found a few scripts online but they moved the computer accounts to OU’s , and I just needed this for auditing purposes. So I edited the tracked back script
Save the script as script.ps1 then run with .\script -OlderThan 30
param(
[int] $OlderThan = 20
)
try {
Import-Module ActiveDirectory -ErrorAction Stop -Verbose:$false
} catch {
Write-Error "Active Directory module failed to Import. Terminating the script. More details : $_"
exit(1)
}
try {
#Get domain name
$DomainDN = (Get-ADDomain -ErrorAction Stop).DistinguishedName
#Get Computers in Domaing
$Computers = Get-ADComputer -Filter * -Properties PasswordLastSet -SearchBase $DomainDN -ErrorAction Stop
} catch {
Write-Error "Failed to query active Directory for computers. Exiting the script. More details : $_"
exit(1)
}
$now = Get-Date
$agedate = (Get-Date).AddDays(-$OlderThan)
foreach($Computer in $Computers) {
$ComputerName = $computer.Name
$Computerpwdsetdate = $Computer.PasswordLastSet
#$Computerpwdsetdate
if($Computerpwdsetdate -lt $agedate) {
#Write-Host "Expired $ComputerName"
$computernumber = $computernumber + 1
}
}
Write-Host "Total = $computernumber"
Loading...