 |
 |
So we all know departments are bad about letting us know when someone has left MSU or your specific Unit, so that is why I have automated Active directory cleanup of computers and users. If is very simple and easy to manage. If you are running an 2k8r2 box in your environment, that is really the only requirement. You could even do this from a Windows 7 box if you have RSAT and Powershell installed. I have attached the 7 lines of code, but note the following: 1) assumes Set-ExecutionPolicy RemoteSigned 2) you have an SMTP box that will allow servers to send mail 3) you change the OU and email address 4) while this is set to computer accounts you can easily change -Computers Only to - UsersOnly 5) this is set to search only 1 ou deep (OneLevel), it is up to your situation with nested OUs 6) you could easily remove the lines that account for disabling the Accounts and just get an email on inactive accounts. (while I only pull Name and lastlogondate, you could add dept so that you could notify each dept of inactive users). Finally, you can also add this script to a scheduled task (the automation part) that runs when you want it. So their you go, Automated AD cleanup! Tim Good