Gents,
I'm trying to find a way to have a comprehensive list of objects related to a AD computer (or possibly its SID) in order that, before deleting that Computer Account, there will be no orphaned object with link to this Computer
For example, let's say i have a GPO with a security based filter pointing to a computer (the question here is not about whether or not is it a best practice). If i deleted the computer, i will be left with the SID when i look at this GPO
The same applies for a Security Group which this computer could be a member of. If i delete the computer account, the security group will have an SID instead
To prevent this, i would like to have command lines or a script which would search amongst all AD objects and find which one has a relationship with the computer account (or its SID) so that i can make some cleaning BEFORE deleting the computer account
Does that make sense to you ? Anyone has already found something to reach that goal ?
Thanks very much for your feedback