-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathRemove-ADComputer_From_DisabledOU.ps1
More file actions
36 lines (27 loc) · 1.57 KB
/
Remove-ADComputer_From_DisabledOU.ps1
File metadata and controls
36 lines (27 loc) · 1.57 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
[CmdletBinding(SupportsShouldProcess = $true)]
[Parameter(Mandatory = $true)][ValidateNotNullOrEmpty()][string] $DisabledOU,
[Parameter(Mandatory = $true)][ValidateRange(1, 999)][int]$DaysInactive,
[Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [string] $AD_Server,
LogMessage -Severity VERBOSE -Message "Starting Script."
# Initialize the counter for deleted computers
$Script:DeletedComputersCount = 0
# Calculate the threshold date
$Script:ThresholdDate = (Get-Date).AddDays(-$DaysInactive)
# Search for disabled computers older than the threshold date in the specified OU
$Script:Computers = Get-ADComputer -Server $Script:AD_Server -Filter { (Enabled -eq $false) -and (whenChanged -lt $ThresholdDate) } -SearchBase $DisabledOU -Properties whenChanged
foreach ($Computer in $Computers) {
# Use SupportsShouldProcess to confirm before making changes
# Attempt to delete the computer account
try {
if ($PSCmdlet.ShouldProcess($Computer.Name, "Remove-ADComputer")) {
Remove-ADComputer -Server $Script:AD_Server -Identity $Computer.DistinguishedName -Confirm:$false -WhatIf
}
$Script:DeletedComputersCount++ # Increment the counter
LogMessage -Severity "Info" -Message "Deleted computer $($Computer.Name) as it has been inactive for more than $DaysInactive days."
}
catch {
LogMessage -Severity "Error" -Message "Failed to delete computer $($Computer.Name): $_"
}
}
# Log the total number of deleted computers
LogMessage -Severity "Info" -Message "Total computers deleted: $Script:DeletedComputersCount"