领导今天让Disable所有域中超过60天没登录的计算机和账号,我先搜索出一篇文章,是查询 计算机的,稍后再操作AD账号的。下面是原贴,是英文,我加上了我自己的翻译。

使用PowerShell命令查询Active Directory中长时间没有登录计算机帐户。本文章以60天为例,大家可以根据需要修改。

下面给出脚本:

# This PowerShell Command will query Active Directory and return the computer accounts which have not logged for the past

#这个PowerShell命令将会查询 并返回AD域中过去一段时间没有登录的电脑账号

# 60 days. You can easily change the number of days from 60 to any number of your choosing. lastLogonDate is a Human

#你可以改变下面的那个60的参数来查询是多少天未登录的

# Readable conversion of the lastLogonTimeStamp (as far as I am able to discern. More details about the timestamp can

$then = (Get-Date).AddDays(-60) # The 60 is the number of days from today since the last logon.

#这个60就是从上次登录到今天60天,你可以改变这个参数

Get-ADComputer -Property Name,lastLogonDate -Filter {lastLogonDate -lt $then} | FT Name,lastLogonDate

#这一行就是关键命令了,可以直接复制,查询出列表

# If you would like to Disable these computer accounts, uncomment the following line:

#如果你想禁用那些电脑账号,可以把下面这行命令的"#"删除即可

# Get-ADComputer -Property Name,lastLogonDate -Filter {lastLogonDate -lt $then} | Set-ADComputer -Enabled $false

# If you would like to Remove these computer accounts, uncomment the following line:

#如果你想删除这些电脑账号,直接去年下面命令的"#"

# Get-ADComputer -Property Name,lastLogonDate -Filter {lastLogonDate -lt $then} | Remove-ADComputer

我还想补充的一点是,上面的命令要在PowerShell里面运行,PowerShell还要用管理员的模式打开,下面是我运行的截图。

计算机后台数据分析(扫描域中长期不登录的计算机)(1)

计算机后台数据分析(扫描域中长期不登录的计算机)(2)

,