Remove stale PC's from AD and SCCM

This script allow you to cleanup stale computers from AD and SCCM. This is seup as a 2 part process, but there is no reason why you couldnt string it all togeather.

The first portion reports on machines where no one has logged on in 60 days, and the Password on the computer account has not changed in 120. This is a good indicator that the machine is not actively in use. We export this to a CSV file.

 #Get-QADComputer -NotLoggedOnFor 60 -PasswordNotChangedFor 120 -searchroot yourdomain/OU |select-object Name, ParentContainer, DN | export-csv c:\tempoutdated.csv  

The second block remove the affected devices from AD and SCCM. Note the CSV file has a header line line above the column lines that should be removed.

 Foreach($x in Import-CSV “C:\tempoutdated.csv”){  
 $x.name  
 remove-cmdevice -devicename $x.name –force –confirm:$false  
 remove-qadobject $x.DN –force –confirm:$false  
 }  

You can also do it as a oneliner where the txt file contains a list of only PC Names.

Foreach($x in Import-CSV “C:\zzz.txt”){$x;remove-cmdevice -devicename $x –force –confirm:$false;get-qadComputer $x|remove-qadobject –force –confirm:$false}