Book Image

Active Directory with PowerShell

By : Pamarthi Venkata Sitaram, YELLAPRAGADA U PADMAVATHI
5 (1)
Book Image

Active Directory with PowerShell

5 (1)
By: Pamarthi Venkata Sitaram, YELLAPRAGADA U PADMAVATHI

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Active Directory with PowerShell
Pamarthi Venkata Sitaram | YELLAPRAGADA U PADMAVATHI
Jan, 2015 | 230 pages
No titles found
Table of Contents (16 chapters)
Active Directory with PowerShell
Active Directory with PowerShell
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Let's Get Started
Let's Get Started
Ways to automate Active Directory operations
Summary
2
Managing User and Computer Objects
Managing User and Computer Objects
Managing user accounts
Modifying user properties
Deleting user accounts
Managing computer accounts
Deleting computer accounts
Summary
3
Working with Active Directory Groups and Memberships
Working with Active Directory Groups and Memberships
Creating different types of security groups
Searching and modifying group object information
Adding members to a group
Listing members of a security group in Active Directory
Removing members from an AD group
Deleting a security group
Summary
4
Configuring Group Policies
Configuring Group Policies
Installing the Group Policy module
Querying Group Policies
Creating and linking Group Policies
Working with links, enforcements, and order of GPOs
Working with Group Policy permissions
Updating Group Policy and generating Resultant Set of Policy
Removing Group Policy links and objects
Summary
5
Managing Domains, Organizational Units, Sites, and Subnets
Managing Domains, Organizational Units, Sites, and Subnets
Managing domains
Managing Organizational Units
Managing sites and subnets
Summary
6
Advanced AD Operations Using PowerShell
Advanced AD Operations Using PowerShell
Installing a new domain
Adding additional domain controllers
Obtaining an Active Directory replication status
Managing Fine-Grained Password Policies
Transferring FSMO roles
Restoring deleted objects
Demoting domain controllers and removing domains
Summary
7
Managing DFS-N and DFS-R Using PowerShell
Managing DFS-N and DFS-R Using PowerShell
Installing DFS roles
Managing DFS-N
Managing DFS-R
Summary
8
Managing Active Directory DNS Using PowerShell
Managing Active Directory DNS Using PowerShell
Installing and configuring a DNS server
Working with root hints and forwarders
Managing DNS zones
Creating, modifying, and deleting DNS records
Managing DNS Clients
Summary
9
Miscellaneous Scripts and Resources for Further Learning
Miscellaneous Scripts and Resources for Further Learning
Checking whether a user, group, computer, or an OU exists
Getting membership of a user, computer, and group
Resetting the password for multiple user accounts
Bulk creation of user accounts
Getting the password expiry date of user accounts
Finding all the disabled user accounts
Getting all domain controllers and their site names in the forest
Moving objects from one OU to another
Finding inactive computers in Active Directory
Creating groups in bulk
Exporting an AD group member's details to CSV
Finding empty groups in Active Directory
Verifying whether a user is a member of the given group or not
Comparing AD groups' membership
Resources for further learning
Index
Index

Deleting computer accounts

As discussed in the previous section, as a system administrator one must adhere to the security policies of the organization and keep their Active Directory database clean and tidy. As part of this process, you might want to delete stale/offline computer objects from Active Directory.

Use the following simple command to delete a computer account:

Remove-ADComputer -Identity COMP1

The most common use case is searching for computers older than x days and removing them. You can achieve this using the following command:

$Computers = Get-ADComputer -Filter * -Properties LastLogonDate | ?  {$_.LastLogonDate -lt (get-date).Adddays(-10) }
$Computers | Remove-ADComputer

Tip

You need to be very careful while performing the delete operation. Any mistake in the filters can result in your production computers being deleted. So, I prefer storing the Get-ADComputer cmdlet results in a variable ($computer in this example), reviewing the list, and then passing it to the Remove-ADComputer...

Previous Section
End of Section 6
Next Section