0

I have to clean up computer objects in our AD, and as all computernames has the username included (like pcuser1, nbuser2 and so on), I'm trying to figure out how to generate a complete AD userlist and then compare it to a complete computername list. Our user objects are consistent so this comparison would tell me, if a computer object does not compare to a user.

How should I proceed with this? I'm no pro at scripting but I assume some vbs or powershell could do the trick. It's the comparing part I'm not to keen on.

Some pseudo code could be:

get all usernames from AD > text1
get all computernames from AD > text2
traverse text1
   traverse text2
   if text1.line# is contained in text2.line# then
      text1.line# and text2.line# > output.txt
lyngsie
  • 111
  • 2
  • 11
  • Your domain computer names contain substrings of users names? Could you please clarify with an edit to your question. – jscott Jan 28 '11 at 11:33

1 Answers1

0

I would not write my own script to do this. For one thing, the pseudocode that you wrote would be O-n-squared. There are plenty of available tools that can be combined to get what you want.

Use a tool like ldifde or csvde or dsquery to export the elements that you care about. Depending on your version of windows, those may be included or you may need to download a resource kit or support tools.. You can do further processing with Excel or a text editor to get the source files to look right, sort them, etc.

Then, use a tool like WinDiff or other GUI (or text-mode, if that's your thing) to compare them.

Although, re-reading your question, you could just do what most other admins do, and do an export of computer accounts that are over x days inactive and just delete those.

mfinni
  • 35,711
  • 3
  • 50
  • 86