CCM LAB

  Removing Obsolete Computer Records from Active Directory Using PowerShell Active Directory (AD) environments can accumulate obsolete computer objects over time. These stale records not only clutter the directory but can also pose security risks. This article provides a PowerShell-based approach to identifying and removing outdated computer records from Active Directory. Identifying Obsolete Computer Accounts The first step in cleaning up AD is to identify inactive computers based on their last logon timestamp and password last set date. Below is a PowerShell script to find obsolete devices that have not logged in for more than 60 days: Import-Module ActiveDirectory $DaysInactive = 60 $time = (Get-Date).AddDays(-$DaysInactive) # Identify obsolete devices $obsoleteDevices = Get-ADComputer -Filter { (LastLogonTimeStamp -lt $time -and PasswordLastSet -lt $time) -and (OperatingSystem -like '*Windows 10*' -or OperatingSystem -like '*Windows 11*' -or OperatingSystem...

Exporting All AD Computers by OU using PowerShell When you run this script, it generates a CSV file containing the following details for all computers in the specified OU: DistinguishedName : The full Active Directory path of the computer object. Name : The hostname of the computer. ObjectGUID : The unique identifier for the computer in AD. OperatingSystem : The installed OS on the machine. OperatingSystemVersion : The version of the installed OS. LastLogonDate : The last recorded logon date of the computer. The output file C:\Reports\AllComputers.csv can be opened in Excel or any text editor for further analysis. ------------------------------------------------------------------------------------------------------------- # Define the Organizational Unit (OU) to search $OU = "DC=CCM,DC=LOCAL"  # Change this if you want to target a specific OU # Retrieve all computers within the specified OU and export to CSV Get-ADComputer -SearchBase $OU -Filter * `     -Properties Dist...

Extracting Active Directory User Details with PowerShell Active Directory (AD) is an essential component in managing users and resources in enterprise environments. As an IT administrator, you often need to retrieve and analyze user details, such as their account status, department, and last logon date. In this article, I will walk you through a simple yet effective PowerShell script to fetch Active Directory user details and export them into a CSV file. PowerShell Script to Retrieve AD User Details The following PowerShell script retrieves all users from the CCM.LOCAL domain, including their display name, account status, department, email address, and last logon date. The results are formatted in a table and optionally exported as a CSV file for further analysis. --------------------------------------------------------------------------------------------------------------------------   # Define the search base for the Omega group in the CCM.LOCAL domain $searchBase = "DC=CC...

  Uninstalling Old Versions of FortiClient Using PowerShell We recently had a requirement to uninstall any old versions of FortiClient from machines to install latest through SCCM, but the install required removing old versions. After testing several methods, we found a PowerShell script that worked perfectly without requiring a system restart. Here's how you can automate the uninstallation of old FortiClient versions. # Stop FortiClient services Write-Host "Stopping FortiClient services..." Get-Service -Name "Forti*" -ErrorAction SilentlyContinue | ForEach-Object {     if ($_.Status -eq 'Running') {         Write-Host "Stopping service: $($_.Name)"         Stop-Service -Name $_.Name -Force     } }   # Kill FortiClient processes Write-Host "Terminating FortiClient processes..." Get-Process -Name "Forti*" -ErrorAction SilentlyContinue | ForEach-Object {     Write-...

This PowerShell script automates the cleanup of: CCM Cache Files : Removes files older than 14 days from C:\Windows\ccmcache. Temporary Files : Cleans up files older than 14 days from the user’s temp folder ($env:Temp) and the system-wide temp folder (C:\Windows\Temp). Windows.old Folder : Deletes the Windows.old folder if it’s older than 14 days. This folder is typically created during a Windows upgrade and can take up significant disk space. The script also logs all actions to a log file (C:\TempCleanupLog.txt), making it easy to track what was deleted and troubleshoot any issues. # Define paths $ccmCachePath = "C:\Windows\ccmcache" $tempPath = "$env:Temp" $systemTempPath = "C:\Windows\Temp" $windowsOldPath = "C:\Windows.old" $logFile = "C:\TempCleanupLog.txt" # Change log file location if needed # Function to clean up files and directories older than a specific number of days function Clean-Ol...