AD Computer-Based Scripts

Managing computer accounts in Active Directory is a key part of IT administration, helping ensure devices are properly accounted for, secure, and compliant. These scripts allow administrators to report, audit, and manage computer objects efficiently.

On this page, you will find scripts for listing computers, checking activity, detecting inactive or disabled machines, organizing by OU, and monitoring connectivity. Each script is designed to be run in PowerShell, with output exportable to CSV for auditing, reporting, or operational tasks.

List all computers – export all computer objects in the domain.
Inactive/stale computers – detect machines that haven’t checked in recently.
OS versions – report operating system for all computers.
Last logon per computer – identify the last user login on each computer.
Disabled computers – find decommissioned or disabled computer accounts.
Computers by OU – report computers organized by organizational unit.
Recently added computers – list machines created in the last X days.

List all computers

Import-Module ActiveDirectory

# Export all computer objects with useful details
Get-ADComputer -Filter * -Properties OperatingSystem |
Select-Object Name, DNSHostName, Enabled, OperatingSystem|
Export-Csv "C:\Reports\All_Computers.csv" -NoTypeInformation

Write-Host "All computers exported to C:\Reports\All_Computers.csv"

Inactive/stale computers

Import-Module ActiveDirectory

# Define inactivity threshold (e.g., 90 days)
$daysInactive = 90
$cutoffDate = (Get-Date).AddDays(-$daysInactive)

# Find computers not logged in since cutoff
Get-ADComputer -Filter * -Properties LastLogonDate, OperatingSystem, Enabled |
Where-Object { $_.LastLogonDate -lt $cutoffDate -or -not $_.LastLogonDate } |
Select-Object Name, DNSHostName, OperatingSystem, Enabled, LastLogonDate |
Export-Csv "C:\Reports\Stale_Computers.csv" -NoTypeInformation

Write-Host "Stale/inactive computers report exported to C:\Reports\Stale_Computers.csv"

OS versions

$servers = (Get-ADComputer -Filter "OperatingSystem -like  '*server*'" ).count
$2003Servers = (Get-ADComputer -Filter "OperatingSystem -like '*Windows Server 2003 *'" ).count
$2008Servers = (Get-ADComputer -Filter "OperatingSystem -like '*Windows Server 2008 R2 *'" ).count
$2012Servers = (Get-ADComputer -Filter "OperatingSystem -like '*Windows Server 2012 *'" ).count
$2016Servers = (Get-ADComputer -Filter "OperatingSystem -like '*Windows Server 2016 *'" ).count
$2019Servers = (Get-ADComputer -Filter "OperatingSystem -like '*Windows Server 2019 *'" ).count
$2022Servers = (Get-ADComputer -Filter "OperatingSystem -like '*Windows Server 2022 *'" ).count
Write-Host "The total list of server are as follows." -ForegroundColor red -BackgroundColor white
Write-Output "The Total number of server is equal to $servers "
Write-Output "The Total number of 2003 server is equal to $2003Servers "
Write-Output "The Total number of 2008 server is equal to $2008Servers "
Write-Output "The Total number of 2012 server is equal to $2012Servers "
Write-Output "The Total number of 2016 server is equal to $2016Servers "
Write-Output "The Total number of 2019 server is equal to $2019Servers "
Write-Output "The Total number of 2022 server is equal to $2022Servers "

Last logon per computer

Import-Module ActiveDirectory

# Export last logon date for all computers
Get-ADComputer -Filter * -Properties LastLogonDate, OperatingSystem, Enabled |
Select-Object Name, DNSHostName, OperatingSystem, Enabled, LastLogonDate |
Export-Csv "C:\Reports\Computer_LastLogonDate.csv" -NoTypeInformation

Write-Host "Computer last logon report exported to C:\Reports\Computer_LastLogonDate.csv"

Disabled computers

Import-Module ActiveDirectory

# Get all disabled computer accounts
Get-ADComputer -Filter 'Enabled -eq $false' -Properties OperatingSystem, LastLogonDate |
Select-Object Name, DNSHostName, OperatingSystem, LastLogonDate, Enabled |
Export-Csv "C:\Reports\Disabled_Computers.csv" -NoTypeInformation

Write-Host "Disabled computer accounts exported to C:\Reports\Disabled_Computers.csv"

Computers by OU

Import-Module ActiveDirectory

# Output path
$exportPath = "C:\Reports\Computers_By_OU_$(Get-Date -Format yyyyMMdd).csv"

# Get all computers with their DistinguishedName (to extract OU)
Get-ADComputer -Filter * -Properties OperatingSystem, LastLogonDate, Enabled, DistinguishedName |
Select-Object Name, DNSHostName, OperatingSystem, Enabled, LastLogonDate,
@{Name="OU";Expression={
    ($_.DistinguishedName -replace '^CN=.*?,OU=', '' -split ',DC=')[0]
}} |
Export-Csv -Path $exportPath -NoTypeInformation

Write-Host "Computers by OU report exported to $exportPath"

Recently added computers

Import-Module ActiveDirectory

# Define threshold (e.g., last 30 days)
$days = 30
$cutoffDate = (Get-Date).AddDays(-$days)

# Output path
$exportPath = "C:\Reports\Recently_Added_Computers.csv"

# Get computers created in the last X days
Get-ADComputer -Filter * -Properties whenCreated, OperatingSystem, Enabled |
Where-Object { $_.whenCreated -gt $cutoffDate } |
Select-Object Name, DNSHostName, OperatingSystem, Enabled, whenCreated |
Export-Csv -Path $exportPath -NoTypeInformation

Write-Host "Recently added computers (last $days days) exported to $exportPath"