I have a need from time to time to find actively used computer objects in the domain that are running a particular operating system. Most often it is to find unsupported operating systems like XP, Server 2003 or even OSX 10.8 and below. The script looks a lot like:
# Get only active XP computers in the last 60 days
$XP = Get-ADComputer -Filter {OperatingSystem -like “*XP*”} `
-Properties Name, DNSHostName, OperatingSystem, `
OperatingSystemServicePack, PasswordLastSet, `
whenCreated, whenChanged, LastLogonTimestamp, nTSecurityDescriptor, `
DistinguishedName |
Where-Object {$_.whenChanged -gt $((Get-Date).AddDays(-60))} |
Select-Object Name, DNSHostName, OperatingSystem, `
OperatingSystemServicePack, PasswordLastSet, `
whenCreated, whenChanged, `
@{name=’LastLogonTimestampDT’;`
Expression={[datetime]::FromFileTimeUTC($_.LastLogonTimestamp)}}, `
@{name=’Owner’;`
Expression={$_.nTSecurityDescriptor.Owner}}, `
@{l=’OU’;`
e={([adsi]”LDAP://$($_.distinguishedname)”).psbase.parent.distinguishedname}}
# View graphically
$XP | Out-GridView
# Export to CSV
$XP | Export-CSV C:\Temp\XP.csv -NoTypeInformation
# Count how many computers
($XP | Measure-Object).Count
The line:
$XP = Get-ADComputer -Filter {OperatingSystem -like “*XP*”} `
can be edited, replacing the *XP* with something like *2003* to report on Server 2003 instances.
To find OSX machines we need to interrogate a different computer object attribute, namely OperatingSystemVersion. The PowerShell script for this needs to be tweaked along the lines of:
# Get only active OSX computers in the last 60 days
$OSX = Get-ADComputer -Filter {OperatingSystemVersion -like “*10.8.*”} `
-Properties Name, DNSHostName, OperatingSystem, `
OperatingSystemVersion, OperatingSystemServicePack, PasswordLastSet, `
whenCreated, whenChanged, LastLogonTimestamp, nTSecurityDescriptor, `
DistinguishedName |
Where-Object {[datetime]::FromFileTimeUTC($_.LastLogonTimestamp) -gt $((Get-Date).AddDays(-60))} |
Select-Object Name, DNSHostName, OperatingSystem, `
OperatingSystemVersion, OperatingSystemServicePack, PasswordLastSet, `
whenCreated, whenChanged, `
@{name=’LastLogonTimestampDT’;`
Expression={[datetime]::FromFileTimeUTC($_.LastLogonTimestamp)}}, `
@{name=’Owner’;`
Expression={$_.nTSecurityDescriptor.Owner}}, `
@{l=’OU’;`
e={([adsi]”LDAP://$($_.distinguishedname)”).psbase.parent.distinguishedname}}
# View graphically
$OSX | Out-GridView
# Export to CSV
$OSX| Export-CSV C:\Temp\OSX10.8.csv -NoTypeInformation
# Count how many computers
($OSX| Measure-Object).Count
Finally, the number in the line $((Get-Date).AddDays(-60))} can be changed depending on how many days you’d like to go back for your report.
Remember, if you have problems with the Get-ADComputer function, you might have to import the Active Directory module – see https://blogs.msdn.microsoft.com/adpowershell/2009/02/25/active-directory-module-for-windows-powershell-quick-start-guide/
Happy scripting!!