cloudcap10 · June 8, 2020 01:22
diff --git a/Manage-ADComputers.ps1 b/Manage-ADComputers.ps1
 Import-Module ActiveDirectory

 # Set the number of days since last logon
 $DaysInactive = 90
 $InactiveDate = (Get-Date).Adddays(-($DaysInactive))

 #-------------------------------
 # FIND INACTIVE COMPUTERS
 #-------------------------------
 # Below are three options to find inactive computers. Select the one that is most appropriate for your requirements:

 # Get AD Computers that haven't logged on in xx days
 $Computers = Get-ADComputer -Filter { LastLogonDate -lt $InactiveDate -and Enabled -eq $true } -Properties LastLogonDate | Select-Object Name, LastLogonDate, DistinguishedName

 # Get AD Computers that have never logged on
 $Computers = Get-ADComputer -Filter { LastLogonDate -notlike "*" -and Enabled -eq $true } -Properties LastLogonDate | Select-Object Name, LastLogonDate, DistinguishedName

 # Automated way (includes never logged on computers)
 $Computers = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly | Select-Object Name, LastLogonDate, Enabled, DistinguishedName

 #-------------------------------
 # REPORTING
 #-------------------------------
 # Export results to CSV
 $Computers | Export-Csv C:\Temp\InactiveComputers.csv -NoTypeInformation

 #-------------------------------
 # INACTIVE COMPUTER MANAGEMENT
 #-------------------------------
 # Below are two options to manage the inactive computers that have been found. Either disable them, or delete them. Select the option that is most appropriate for your requirements:

 # Disable Inactive Computers
 ForEach ($Item in $Computers){
  $DistName = $Item.DistinguishedName
  Set-ADComputer -Identity $DistName -Enabled $false
  Get-ADComputer -Filter { DistinguishedName -eq $DistName } | Select-Object Name, Enabled
 }

 # Delete Inactive Computers
 ForEach ($Item in $Computers){
  Remove-ADComputer -Identity $Item.DistinguishedName -Confirm:$false
  Write-Output "$($Item.Name) - Deleted"
 }
	Import-Module ActiveDirectory

	# Set the number of days since last logon
	$DaysInactive = 90
	$InactiveDate = (Get-Date).Adddays(-($DaysInactive))

	#-------------------------------
	# FIND INACTIVE COMPUTERS
	#-------------------------------
	# Below are three options to find inactive computers. Select the one that is most appropriate for your requirements:

	# Get AD Computers that haven't logged on in xx days
	$Computers = Get-ADComputer -Filter { LastLogonDate -lt $InactiveDate -and Enabled -eq $true } -Properties LastLogonDate \| Select-Object Name, LastLogonDate, DistinguishedName

	# Get AD Computers that have never logged on
	$Computers = Get-ADComputer -Filter { LastLogonDate -notlike "*" -and Enabled -eq $true } -Properties LastLogonDate \| Select-Object Name, LastLogonDate, DistinguishedName

	# Automated way (includes never logged on computers)
	$Computers = Search-ADAccount -AccountInactive -DateTime $InactiveDate -ComputersOnly \| Select-Object Name, LastLogonDate, Enabled, DistinguishedName

	#-------------------------------
	# REPORTING
	#-------------------------------
	# Export results to CSV
	$Computers \| Export-Csv C:\Temp\InactiveComputers.csv -NoTypeInformation

	#-------------------------------
	# INACTIVE COMPUTER MANAGEMENT
	#-------------------------------
	# Below are two options to manage the inactive computers that have been found. Either disable them, or delete them. Select the option that is most appropriate for your requirements:

	# Disable Inactive Computers
	ForEach ($Item in $Computers){
	$DistName = $Item.DistinguishedName
	Set-ADComputer -Identity $DistName -Enabled $false
	Get-ADComputer -Filter { DistinguishedName -eq $DistName } \| Select-Object Name, Enabled
	}

	# Delete Inactive Computers
	ForEach ($Item in $Computers){
	Remove-ADComputer -Identity $Item.DistinguishedName -Confirm:$false
	Write-Output "$($Item.Name) - Deleted"
	}