Document Actions
AD Stale Computer Record Query
Ever want to show your customer what computer records are stale in AD? Want to use an AD UDD discovery to distribute clients to real machines? Well here is a handy little command line that you can use to generate a file that list all machines in a domain that are stale. Stale state is determined by querying the AD database for machines that have not communicated to the Domain Controller in a specific amount of days. First example can be used to identify those records, and the second example can be used to delete those dead machines.
This query outputs a report of stale computer accounts to a CSV file without deleting them.
DSQUERY COMPUTER "OU=COMPUTERS,DC=LANDESK,DC=COM" -STALEPWD 90 -LIMIT 5000 >C:\output.csv
Command Breakdown
DSQUERY DSQUERY is a tool on the adminpak.msi toolset.
COMPUTER Specifies which type of account we are querying.
"OU=COMPUTERS,DC=LANDESK,DC=COM" Active Directory location to query. Children are implied.
-STALEPWD 90 # of days that qualifies an account as stale
-LIMIT 5000 Maximum # of lines to output.
>C:\output.csv Pipes results out to a CSV file called Output.csv.
This query outputs a report of stale computer accounts to a CSV file AND DELETES THEM.
DSQUERY COMPUTER "OU=COMPUTERS,DC=LANDESK,DC=COM" -STALEPWD 90 -LIMIT 5000 | DSRM -NOPROMPT >C:\Output.csv
Command Breakdown
DSQUERY DSQUERY is a tool on the adminpak.msi toolset.
COMPUTER Specifies which type of account we are querying.
"OU=COMPUTERS,DC=LANDESK,DC=COM" Active Directory location to query. Children are implied.
-STALEPWD 90 # of days that qualifies an account as stale
-LIMIT 5000 Maximum # of lines to output.
| DSRM -NOPROMPT Deletes computer accounts that are returned.
>C:\output.csv Pipes results out to a CSV file called Output.csv.
Forgot your password?
New user?
