PowerShell to find active computer objects by Operating System name

I have a need from time to time to find actively used computer objects in the domain that are running a particular operating system.  Most often it is to find unsupported operating systems like XP, Server 2003 or even OSX 10.8 and below.  The script looks a lot like:


# Get only active XP computers in the last 60 days
$XP = Get-ADComputer -Filter {OperatingSystem -like “*XP*”} `
    -Properties Name, DNSHostName, OperatingSystem, `
        OperatingSystemServicePack, PasswordLastSet, `
        whenCreated, whenChanged, LastLogonTimestamp, nTSecurityDescriptor, `
        DistinguishedName |
    Where-Object {$_.whenChanged -gt $((Get-Date).AddDays(-60))} |
    Select-Object Name, DNSHostName, OperatingSystem, `
        OperatingSystemServicePack, PasswordLastSet, `
        whenCreated, whenChanged, `
        @{name=’LastLogonTimestampDT’;`
            Expression={[datetime]::FromFileTimeUTC($_.LastLogonTimestamp)}}, `
        @{name=’Owner’;`
            Expression={$_.nTSecurityDescriptor.Owner}}, `
        @{l=’OU’;`
            e={([adsi]”LDAP://$($_.distinguishedname)”).psbase.parent.distinguishedname}}
# View graphically
$XP | Out-GridView

# Export to CSV
$XP | Export-CSV C:\Temp\XP.csv -NoTypeInformation

# Count how many computers
($XP | Measure-Object).Count

The line:
$XP = Get-ADComputer -Filter {OperatingSystem -like “*XP*”} `
can be edited, replacing the *XP* with something like *2003* to report on Server 2003 instances.

To find OSX machines we need to interrogate a different computer object attribute, namely OperatingSystemVersion.  The PowerShell script for this needs to be tweaked along the lines of:

# Get only active OSX computers in the last 60 days
$OSX = Get-ADComputer -Filter {OperatingSystemVersion -like “*10.8.*”} `
-Properties Name, DNSHostName, OperatingSystem, `
OperatingSystemVersion, OperatingSystemServicePack, PasswordLastSet, `
whenCreated, whenChanged, LastLogonTimestamp, nTSecurityDescriptor, `
DistinguishedName |
Where-Object {[datetime]::FromFileTimeUTC($_.LastLogonTimestamp) -gt $((Get-Date).AddDays(-60))} |
Select-Object Name, DNSHostName, OperatingSystem, `
OperatingSystemVersion, OperatingSystemServicePack, PasswordLastSet, `
whenCreated, whenChanged, `
@{name=’LastLogonTimestampDT’;`
Expression={[datetime]::FromFileTimeUTC($_.LastLogonTimestamp)}}, `
@{name=’Owner’;`
Expression={$_.nTSecurityDescriptor.Owner}}, `
@{l=’OU’;`
e={([adsi]”LDAP://$($_.distinguishedname)”).psbase.parent.distinguishedname}}
 
# View graphically
$OSX | Out-GridView
 
# Export to CSV
$OSX| Export-CSV C:\Temp\OSX10.8.csv -NoTypeInformation
 
# Count how many computers
($OSX| Measure-Object).Count

Finally, the number in the line $((Get-Date).AddDays(-60))} can be changed depending on how many days you’d like to go back for your report.

Remember, if you have problems with the Get-ADComputer function, you might have to import the Active Directory module – see https://blogs.msdn.microsoft.com/adpowershell/2009/02/25/active-directory-module-for-windows-powershell-quick-start-guide/

Happy scripting!!

Leave a Reply