Finding inactive computers in Active Directory
A computer's inactivity is decided based on when that computer account had its password changed last time. A computer account changes its password in Active Directory every 30 days by default. So, any computer that had its password last set longer than 30 days ago, it will mean that the computer is not connected to the network for some reason. It could be either decommissioned, crashed, or made offline for troubleshooting. The following function will help you query computers older than the given number of days:
Function Find-InactiveComputers {
[CmdletBinding()]
Param(
[int]$DaysOlderThan
)
$older = (Get-Date).AddDays(-$DaysOlderThan)
Get-ADComputer -Filter { PasswordLastSet -lt $older } | select Name, DistinguishedName
}Usage
Query computers that are inactive for more than 40 days using following command:
Find-InactiveComputers -DaysOlderThan 40
This displays the name and distinguished name of the computer accounts that are older than 40 days...
