SCCM Active Directory System discovery will discover all the computers in your AD, including those inactive. To have a clean collection, you need to have a clean active directory. We can query the active directory to search computers that are inactive for certain of time and then remove them. Run the following command in the command prompt of the domain controller.
dsquery computer –inactive 8 | dsrm –subtree –noprompt
The command above will search for those computer that have been inactive for 8 weeks and then delete them from the active directory. You can change the number of weeks according to your needs.
Other than that, you can also output those inactive computers to an .txt or .csv file by performing the following command.
dsquery computer –inactive 8 > c:\output.csv
Very dangerous command and penitentially having disastrous effects.
ReplyDeletelastLogon is not replicated between DCs if you're not aware of it.
What this can lead to you can work out yourself.
How if the administrator analyse those computer before they delete the computer acc. They can also put those pc as disabled before they delete them...
ReplyDeleteBtw, thanks Adrian.
Yes that will make sense i.e. to quarantine them for a period of time. We usually disable and move them to a designated OU for at least a month after which objects get deleted - much safer :)
ReplyDeleteThanks for the sharing... =)
ReplyDeletedsquery computer -inactive 52 -limit 0 > inactivecomputers.txt
ReplyDeleteMuch Safer if you want to preview the list first.
This comment has been removed by the author.
ReplyDelete