How to find inactive Active Directory computers using PowerShell

This article explains the steps to identify and list inactive Active Directory (AD) computers using PowerShell and ADManager Plus, a unified AD, Office 365 and Exchange Server management and reporting solution.

To find inactive AD computers using the last login time, the Get-ADComputer cmdlet has to be used along with the necessary filters. Further, to get the inactive AD computers report for only specific OUs or domains, more attributes must be added, making the script more complex. As ADManager Plus offers predefined reports on all important AD objects, including computers, the inactive AD computers report can be generated, for the required domains and OUs, at just the click of a mouse button, making it the easiest and preferred option over PowerShell

Windows PowerShell

Steps to get inactive AD computers using PowerShell.

  • Ensure you have the necessary permissions to perform this action, and also to execute PowerShell scripts.
  • Get the domain and OU for which you wish to generate this report.
  • Create the script using the Get-ADComputer cmdlet, and execute it in the PowerShell window.

A sample PowerShell script to get AD inactive computers

 Copied
Import-Module ActiveDirectory
$DaysInactive = 30
$time = (Get-Date).Adddays(-($DaysInactive))
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties Name, OperatingSystem, SamAccountName, DistinguishedName | Export-CSV “D:\SecurityReports\StaleComputers.CSV” –NoTypeInformation
Click to copy entire script

This script will list all computers that have been inactive for 30 days, along with their properties such as sAMAccoutName, and Operating System. It will also export the report to the specific location in CSV format.

ADManager Plus

To generate inactive AD computers report,

  • Select the Inactive Computers report from Computer Reports section in the Reports tab. (For disabled computers, select the Disabled Computers report from Computer Reports in Reports tab.)
  • Select the domains and OUs from which you wish to get all the inactive computers, select the period if inactivity, and click Generate.
  • Click the Export as option, and select the format to export the report.

Screenshot

Inactive computers report in ADManager Plus

In fact, almost all AD, Office 365, Exchange management features have CSV import option built-into them, allowing you to manage the objects in single or bulk easily, using the same feature, with just mouse clicks.

» Start 30-day Free Trial

Limitations of using PowerShell to import users to AD

  • You will not be able to import AD users and add them to AD using PowerShell if you do not have sufficient permissions in AD. With ADManager Plus, users privileges in native AD or Exchange doesn't have to be elevated to add user to AD groups.
  • Using PowerShell to import users will need you to create complex scripts based on your needs. ADManager Plus on the other hand offers CSV import as a built-in option in all its management features, allowing you to import users list from CSV, with just point and click actions.
  • You must know how to execute the scripts from the PowerShell window. With ADManager Plus, all management and reporting operations can be performed from an intuitive GUI with just mouse-clicks based actions.
  • A misplaced hyphen, a typo in the LDAP names or lack of sufficient permission to configure even just one of the attributes used in the script will lead to errors. As ADManager Plus is completely GUI-driven, there is no need to depend on scripts, eliminating the chances of errors.
  • Embark on your script-free AD management, reporting, and automation journey with ADManager Plus.
  •  
  • By clicking 'Start your free trial now', you agree to processing of personal data according to the Privacy Policy.
  • Thanks
  • Your download should begin automatically in 15 seconds. If not, click here to download manually.

Related Powershell How-to Guides:

Email Download Link