How to find inactive Active Directory computers using PowerShell

This article explains the steps to identify and list inactive Active Directory (AD) computers using PowerShell and ADManager Plus, a unified AD, Office 365 and Exchange Server management and reporting solution.

To find inactive AD computers using the last login time, the Get-ADComputer cmdlet has to be used along with the necessary filters. Further, to get the inactive AD computers report for only specific OUs or domains, more attributes must be added, making the script more complex. As ADManager Plus offers predefined reports on all important AD objects, including computers, the inactive AD computers report can be generated, for the required domains and OUs, at just the click of a mouse button, making it the easiest and preferred option over PowerShell

Windows PowerShell

Steps to get inactive AD computers using PowerShell.

  • Ensure you have the necessary permissions to perform this action, and also to execute PowerShell scripts.
  • Get the domain and OU for which you wish to generate this report.
  • Create the script using the Get-ADComputer cmdlet, and execute it in the PowerShell window.

A sample PowerShell script to get AD inactive computers

 Copied
Import-Module ActiveDirectory
$DaysInactive = 30
$time = (Get-Date).Adddays(-($DaysInactive))
Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties Name, OperatingSystem, SamAccountName, DistinguishedName | Export-CSV “D:\SecurityReports\StaleComputers.CSV” –NoTypeInformation
Click to copy entire script

This script will list all computers that have been inactive for 30 days, along with their properties such as sAMAccoutName, and Operating System. It will also export the report to the specific location in CSV format.

ADManager Plus

To generate inactive AD computers report,

  • Select the Inactive Computers report from Computer Reports section in the Reports tab. (For disabled computers, select the Disabled Computers report from Computer Reports in Reports tab.)
  • Select the domains and OUs from which you wish to get all the inactive computers, select the period if inactivity, and click Generate.
  • Click the Export as option, and select the format to export the report.

Screenshot

Inactive computers report in ADManager Plus

In fact, almost all AD, Office 365, Exchange management features have CSV import option built-into them, allowing you to manage the objects in single or bulk easily, using the same feature, with just mouse clicks.

» Start 30-day Free Trial

Limitations of using PowerShell to import users to AD

  • You will not be able to generate the inactive AD computers reports using PowerShell if you do not have enough privileges in the AD domains from which you wish to generate this report. With ADManager Plus, as there is no necessity to connect to the DC directly, there is no need to elevate users' or technicians' privileges in native AD.
  • To export the report in a different format or to store the report in a different location, the PowerShell script has to be modified. With ADManager Plus though, there is a built-in Export as option which allows you to export the report in CSV, PDF, HTML, or XLSX format at just the click of a mouse button.
  • If you wish to search the generated reports for any specific record or data, the PowerShell script doesn't offer any option. Also, it lacks the means to to manage the accounts from the report. ADManager Plus on the other hand offers a built-in search and on-the-fly management actions in all its reports to locate any computer easily and move, enable/disable, delete, or reset the desired accounts or modify their attributes, right from the reports.
  • You must know how to execute the scripts from the PowerShell window. As ADManager Plus is purely GUI-based, you can perform all management and reporting actions with just mouse clicks right from its web-based console.
  • Just a misplaced hyphen, or a misspelt LDAP attribute name could cause errors. ADManager Plus lets you perform all the desired management and reporting operations with purely GUI-based actions eliminating the need to create or execute complex scripts, eliminating chances of error.

Access the status of Active Directory computers from prebuilt reports.

  Get 30-day free trial.
  • Embark on your script-free AD management, reporting, and automation journey with ADManager Plus.
  •  
     
  • By clicking 'Start your free trial now', you agree to processing of personal data according to the Privacy Policy.
  • Thanks
  • Your download should begin automatically in 15 seconds. If not, click here to download manually.

Related Powershell How-to Guides:

The one-stop solution toActive Directory Management and Reporting

Email Download Link