AD-OldComputers.ps1
|
<#PSScriptInfo .VERSION 0.1 .GUID be975e3f-f9cf-40c7-97aa-81aca6c62c85 .AUTHOR anisio@ja.eti.br .COMPANYNAME www.ja.eti.br .COPYRIGHT .TAGS .LICENSEURI .PROJECTURI .ICONURI .EXTERNALMODULEDEPENDENCIES RSAT-ADDS-Tools .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES First release .PRIVATEDATA #> #Requires -Module RSAT-ADDS-Tools <# .DESCRIPTION Disable incative computers objects of AD #> Param( # How many idle days to be evaluated [Parameter(Mandatory=$false)][string]$IdleDays ) if ($IdleDays){} else { $IdleDays = "-" + (Get-ItemPropertyValue -Path HKLM:\SOFTWARE\JA\KA-01032 -Name IdleDays) } $Date = [DateTime]::Today.AddDays($IdleDays) $AlwaysEnabled = (Get-ItemPropertyValue -Path HKLM:\SOFTWARE\JA\KA-01032 -Name AlwaysEnabled) $WrkDir = ("C:\JA\KA-01032\") if ([IO.Directory]::Exists($WrkDir)) {} else { mkdir "$WrkDir" -ErrorAction Stop } Set-Location -Path "$WrkDir" Get-Date | Out-File -FilePath ("KA-01032"+(Get-Date -Format yyyyMMdd).ToString()+".log") -Append ForEach ($IdleComputer in Get-ADComputer -Filter 'LastLogonDate -le $Date -and Enabled -eq "True"') { if ($IdleComputer.Name.ToString() -in $AlwaysEnabled ) {} else { Disable-ADAccount $IdleComputer -Verbose $IdleComputer.DNSHostName.ToString() | Out-File -FilePath ("KA-01032"+(Get-Date -Format yyyyMMdd).ToString()+".log") -Append } } |