Help with Get-ADComputer -Filter

Welcome Forums General PowerShell Q&A Help with Get-ADComputer -Filter

This topic contains 6 replies, has 4 voices, and was last updated by

 
Participant
1 week, 2 days ago.

  • Author
    Posts
  • #127791

    Participant
    Points: 10
    Rank: Member

    Hello still learning here and need some help please. The below script works well but I want to add a filter to it for it to only check in one OU instead of the whole domain. What do I need to add to the -Filter option to accomplish this? Thank you

    $domain = "domain.mydom.com" 
    $DaysInactive = 90 
    $time = (Get-Date).Adddays(-($DaysInactive))
     
    # Get all AD computers with lastLogonTimestamp less than our time
    Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -Properties LastLogonTimeStamp |
     
    # Output hostname and lastLogonTimestamp into CSV
    select-object Name,@{Name="Stamp"; Expression={[DateTime]::FromFileTime($_.lastLogonTimestamp)}} | export-csv OLD_Computer.csv -notypeinformation

     

  • #127792

    Participant
    Points: 316
    Helping Hand
    Rank: Contributor

    Nothing! Take a look at the SearchBase parameter:

    Get-ADUser -SearchBase
    
  • #127795

    Participant
    Points: 10
    Rank: Member

    Why Get-ADuser? I'm only interested in finding the computers that have been inactive for over 90 days in a particular OU instead of searching the whole domain tree.

  • #127806

    Participant
    Points: 38
    Rank: Member

    searchbase parameter is the same on aduser and adcomputer

    what Rob's trying to tell you is you can't filter for ou or distinguishedname.
    however, the cmdlet itself has a method to specify OU Paths to search within.

    from the ms get-adcomputer help located here:
    https://docs.microsoft.com/en-us/powershell/module/addsadministration/get-adcomputer?view=win10-ps

    -SearchBase
    Specifies an Active Directory path to search under.

    When you run a cmdlet from an Active Directory provider drive, the default value of this parameter is the current path of the drive.

    When you run a cmdlet outside of an Active Directory provider drive against an Active Directory Domain Services target, the default value of this parameter is the default naming context of the target domain.

    When you run a cmdlet outside of an Active Directory provider drive against an AD LDS target, the default value is the default naming context of the target AD LDS instance if one has been specified by setting the msDS-defaultNamingContext property of the Active Directory directory service agent object (nTDSDSA) for the AD LDS instance. If no default naming context has been specified for the target AD LDS instance, then this parameter has no default value.

    When the value of the SearchBase parameter is set to an empty string and you are connected to a global catalog port, all partitions are searched. If the value of the SearchBase parameter is set to an empty string and you are not connected to a global catalog port, an error is thrown.

  • #127879

    Participant
    Points: 316
    Helping Hand
    Rank: Contributor

    In my defense, I just had my first sip of coffee...

    Get-ADComputer -SearchBase
    
  • #127909

    Participant
    Points: 319
    Helping Hand
    Rank: Contributor

    If you are new, then don't stress yourself out over this. Microsoft provides a few tools to write the base script for you and you tweak it from there.
    The tool is built in to Windows Server, well, 2012 and higher. It's called Active Directory Administration Center (ADAC). You just click though the GUI then use the PowerShell History Viewer to get the code.

    Step-By-Step: Utilizing PowerShell History Viewer in Windows Server 2012 R2
    'blogs.technet.microsoft.com/canitpro/2015/03/04/step-by-step-utilizing-powershell-history-viewer-in-windows-server-2012-r2'

    Learning PowerShell with Active Directory Administrative Center (PowerShell History Viewer)
    'sid-500.com/2017/10/10/learning-powershell-with-active-directory-administrative-center-powershell-history-viewer'

    For what you are after, there are tons of samples all over the web, as what you are asking for is a very common thing. Visit the MS PowerShell gallery and there are full scripts to leverage / tweak as needed.

    https://www.powershellgallery.com

    Example:

    Get Inactive Computer in Domain based on Last Logon Time Stamp
    Get inactive / old computer in your domain as a simple CSV output.
    https://gallery.technet.microsoft.com/scriptcenter/Get-Inactive-Computer-in-54feafde

    Yet. never run anyone's script / module unless you are sure you know what it is doing. You can cause serious damage to your machine and your environment if you randomly run unknown, fully understood code.

  • #127987

    Participant
    Points: 10
    Rank: Member

    Thank you all so much for your help and information this will for sure help me get to what I'm trying to do with this script!

You must be logged in to reply to this topic.