Quantcast
Channel: Directory Services forum
Viewing all articles
Browse latest Browse all 31638

objects linked to a computer SID

$
0
0

Gents,

I'm trying to find a way to have a comprehensive list of objects related to a AD computer (or possibly its SID) in order that, before deleting that Computer Account, there will be no orphaned object with link to this Computer

For example, let's say i have a GPO with a security based filter pointing to a computer (the question here is not about whether or not is it a best practice). If i deleted the computer, i will be left with the SID when i look at this GPO

The same applies for a Security Group which this computer could be a member of. If i delete the computer account, the security group will have an SID instead

To prevent this, i would like to have command lines or a script which would search amongst all AD objects and find which one has a relationship with the computer account (or its SID) so that i can make some cleaning BEFORE deleting the computer account

Does that make sense to you ? Anyone has already found something to reach that goal ?

Thanks very much for your feedback


Viewing all articles
Browse latest Browse all 31638

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>