Author Posts

November 30, 2017 at 4:02 pm

Hello all. I ran the script below. the goal was to locate all windows XP machines across the enterprise. The script found no Windows XP machines. However, Qualys and NMAP have proven that there are XP machines in the enterprise. any one have any idea how this script missed them? We know the XP devices are in the domain. We verified by remoting to some of the XP machines.

Get-ADComputer -Filter * -Properties OperatingSystem,LastLogonDate | select Name, OperatingSystem, LastLogonDate | sort LastLogonDate -unique | Export-Csv c:\work\computers.csv

Any help is appreciated.

November 30, 2017 at 4:08 pm

AD's "OperatingSystem" field is updated when the computer logs on. It's possible those computers aren't formally logging onto the domain; it's also possible that, for some reason unique to those computers, they aren't updating that field when the log on.

The OperatingSystem field is really meant to be a convenience; it isn't intended (by Microsoft) as an accurate inventory data point.

November 30, 2017 at 4:39 pm

Thanks Don, always helpful!!