Home > Industries > Computer

How do I find and remove redundant computer accounts in the ad domain?

Source: Internet
Author: User
Tags dsquery
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

How to automatically purge expired computers from the Computers container. Because there are many times not in the normal way to retire the domain, resulting in the AD computers container there are many outdated computers, there is no way to let it automatically clean up

For our network administrators, the user account and computer account management is our longest and most difficult to manage a job. We know that frequent system reloading and joining the domain process will result in a large number of invalid computer accounts, how to clean up these invalid computer accounts becomes a problem.

Q:
How to find and delete redundant computer accounts in a domain.

A:
If our domain is a Windows 2003 domain, we can use the inactive parameter of the dsquery command to troubleshoot a computer that has not been active for some time.

The annex contains two CMD documents, the contents of which are as follows:

Disablecomputer.cmd
dsquery computer-inactive 10-stalepwd |dsmod computer-disabled Yes

Investigate machines that have not logged in 10 weeks and 70 days that failed to change the domain computer password (the values are specified) and then set them to disabled.

Note:-inactive refers to the machine is not logon time,-STALEPWD is the machine password has not changed time, Windows 2000 above the machine defaults to 30 days, we can combine to see which is not active machine. If you want to use the-inactive parameter, you need 2003 pure mode. If you use-stalepwd alone, you can run in mixed mode.

dsquery is more correct for computers that are inactive for longer periods of time. This occurs because Active Directory determines whether the computer is active based on whether it is authenticated or not. A 1-month computer that does not boot is, of course, inactive, but a computer that is powered up but one months unmanned will also be judged inactive, while the second is more common on the server (such as a file-sharing server). So we can't immediately delete the computer account according to the dsquery result, but also need to do some verification work (such as querying the IP of this computer name).

Deletecomputer.cmd
dsquery computer-disabled | Dsrm–noprompt

Isolate the machine and remove it.
Note: It is recommended that you use Deletecomputer.cmd to remove redundant computer accounts in a domain after two weeks of disablecomputer.cmd use without a user error.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
find and remove adware how to find domain name in outlook how to find computer domain name using command prompt how find domain registrar how to find domain name from ip address in linux how to find hostname and port number in oracle 11g how to improve ad rank in adwords
Related Article
Computer Information Processing

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More