• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

AD CLeanup

C

civimike

n00b
Joined
Nov 8, 2005
Messages
9
Howdy all....

I was wondering if anyone could suggest a Good clean up application for Active Directory. My Domain has tons of machines and user accounts, but i know at least half of them are old and unused. im looking for a tool that will give me a date of last use....or even better something that will give me a listing of accounts that havent been used in 90 days/120 days...

Prefrable a free app, but i will pay if the product is good, does what i need and isent a giant resource hog.

Thanks
 
THanks for the Sugestion, Ive tried that software before, its either really slow or hanging on something. It just sits at the scanning screen. any other software anyone may suggest?
 
Couldn't You do a custom LDAP query, to find the objects?
(no automated removal, but at least you got a list)
 
civimike said:
THanks for the Sugestion, Ive tried that software before, its either really slow or hanging on something. It just sits at the scanning screen. any other software anyone may suggest?
Click to expand...
If it's hanging, that may be an idication of a bigger problem. I use the Active Directory Health Check Tool from MS, but I got that from a MS engineer and you can't just download it. I would try to figure out what it's hanging on first.
 
KaosDG said:
Couldn't You do a custom LDAP query, to find the objects?
(no automated removal, but at least you got a list)
Click to expand...

Thats would be great, unfortunitly i am not that great at writing LDAP querys, any good refrences i could look at?
 
civimike said:
Thats would be great, unfortunitly i am not that great at writing LDAP querys, any good refrences i could look at?
Click to expand...


I looked at this to get myself started: http://www.petri.co.il/ldap_search_samples_for_windows_2003_and_exchange.htm

(I was setting up query based distro's in exch2k3)



You might need this reference http://msdn.microsoft.com/library/d...adschema/adschema/active_directory_schema.asp for all of the classes, attributes, etc in the schema.


edit: you may be interested in the Last-Logon property of either a User or Computer.
 
KaosDG said:
I looked at this to get myself started: http://www.petri.co.il/ldap_search_samples_for_windows_2003_and_exchange.htm

(I was setting up query based distro's in exch2k3)



You might need this reference http://msdn.microsoft.com/library/d...adschema/adschema/active_directory_schema.asp for all of the classes, attributes, etc in the schema.


edit: you may be interested in the Last-Logon property of either a User or Computer.
Click to expand...


Thanks for the help, ill look into this right now
 
If you are doing last login you need to check against every domain controller unless you are running Windows 2003 Native AD. Its not a domain property otherwise and each DC will store an individual lastlogin/lastlogoff for every user to have logged in using it.

Just tell me the criteria you want to find people/workstations/groups on and I'll write you out the query.
 
You must log in or register to reply here.
Back
Top