Re: Removing old members from...

From: B. Goodman (no_at_spam.org)
Date: 06/13/03


Date: Fri, 13 Jun 2003 10:19:14 -0400


In article <0eca01c330fa$e2068060$a401280a@phx.gbl>,
kkorpal@newfocus.com says...
> Is there a way to clean up the members/workstations on a
> NT 4 domain.
>
> We have about 300 PCs, but I show over 1300 members when I
> view the workstation list.
>
> Is there any setting to drop old members if they haven't
> connected in the past few weeks?
>
> Thanks much,
>
> Ken
>
I think you may be able to script it, if you do a little research.
First, see http://support.microsoft.com/?kbid=140387, which is "Batch
File Adds/Removes Machine Accounts in Server Manager". Then look at
http://www.jsiinc.com/SUBH/tip3900/rh3988.htm, "Network Account Password
Age (NetPWAge) freeware."

It seems to me you could use a command like:
netpwage /machines /b /tabs > %temp%\machinelist.tsv

to generate a tab-delimited list into a file called "machinelist.tsv",
then tweak the batch file MS lists in Q140387.

Try putting this in as your batch file:

******************************************************************
@echo off
set maxage=80
set temp1=%temp%\machinelistfull.tsv
set temp2=%temp%\machinelistpurge.tsv
if exist %temp1% del /q %temp1%
if exist %temp2% del /q %temp2%
netpwage /b /machines /tabs > %temp1%
for /f "tokens=1-3" %%x in (%temp1%) do (if %%z GEQ %maxage% echo %%x
        %%y %%z >> %temp2%)
for /f "tokens=1" %%a in (%temp2%) do (echo %%a)

******************************************************************

Scrutinize your results in the file, machinelistpurge.tsv. Be SURE that
there is nothing there that should NOT be there. As written, this batch
file won't differentiate between a server and workstation.

If you are convinced that everything is correct, replace the (echo %%a)
in the last line with (net computer \\%%a /del)

WARNING: I just through this together. I have NOT tested the actual
delete process, because it must be run from a domain controller. The
rest was tested on Win 2K Pro, and I am not certain if (if %%z GEQ %
maxage%) part will run correctly on NT 4 server.

I am also not certain how reliable the information is that netpwage
displays.

BOTTOM LINE: Test, test, test. THERE IS NO WARRANTY, EXPRESS OR
IMPLIED, to anything I have written here. USE AT YOUR OWN RISK!

Be VERY careful. Batch deletes of things can get a person FIRED!

GOOD LUCK!