Why not delete to active directory on dis-join computer

If you not delete to disjoin computer, your active directory manage to hard.

because, active directory all manage plan start computer. GPO, OU, even replication

User is you can manage, but computer is so hard. if your company is big, then more hard to manage.

So, i give you some tip. this tip is computer find last active day.

Solution 1

dsquery is find “ntds”  in there we will scan not active computer.

-inactive option uses the LastLogonTimeStamp

But this  command is little loose,  not updated every time a computer logs on to other domain controllers so, your data quality  little be not good.

Solution 2(Recommend)

Use to Powershell, this data quality is good, this command collect to other domain controllers.

 

And if you want to automatic delete to old computer use to dsrm

dsrm very simpley

in powershell use this.

Good Luck

Facebook Comments

Leave A Reply

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다.