Powershell Active Directory
General Information
This page shows neat tricks for Powershell within Active Directory to get useful information (one liners) or make batch changes.
Checklist
- Powershell CLI installed
- Powershell running as administrator for any modify commands.
Move inactive computers to a new OU for confirmation and deletion from AD.
get-adcomputer -SearchBase 'ou=Workstations,dc=contoso,dc=com' -filter “Passwordlastset -lt '1/1/2018'” -properties * | Move-ADObject -TargetPath 'ou=OLD,ou=Workstations,dc=contoso,dc=com'
- Moves all computers who have not connected to the domain since 1/1/2018 to the OLD OU.
- Computers connected to the domain reset their passwords every 30 days.
- -SearchBase specifies the OU you want to search within, this could be widened to the entire domain if needed.
- -TargetPath specifies where these computers are going to be moved.