D
Dimitri Furguson
I am in clean-up mode in AD and I have 100's of orphaned computer objects
out there. I have previewed some of the scripts out there that query for
last logon date, but that requires me to run against all AD controllers and
compared since I don't think that is infomation is replicated. Other
scripts query by password change but that doesn't apply because of certain
PC's that auto-login with accounts that have non-expiring passwords.
So what I did was create an AD query in ADUC and turned on the Modified
column in Views. I can then export the query findings into a TXT file that
I import into Excel. At first glance it appears to be a reliable list but
then again I am staring at 1300 computer accounts so I can't be sure. Could
you foresee any reason why the modified date would not be accurate? What I
don't know is what exactly triggers that field... simply from a reboot?
Thank you for your time.
out there. I have previewed some of the scripts out there that query for
last logon date, but that requires me to run against all AD controllers and
compared since I don't think that is infomation is replicated. Other
scripts query by password change but that doesn't apply because of certain
PC's that auto-login with accounts that have non-expiring passwords.
So what I did was create an AD query in ADUC and turned on the Modified
column in Views. I can then export the query findings into a TXT file that
I import into Excel. At first glance it appears to be a reliable list but
then again I am staring at 1300 computer accounts so I can't be sure. Could
you foresee any reason why the modified date would not be accurate? What I
don't know is what exactly triggers that field... simply from a reboot?
Thank you for your time.