I’ve used the following attached script to find orphaned GPOs.
It can do the following;
- GPOs that exist within SYSVOL but not within the GPO management console.
- Also vice versa – GPOs in management console but not in SYSVOL.
Very handy. GPO Check
Tag Archives: active directory
Active Directory- redirect default Containers to Organisational Units
One really useful tidbit I picked up last week –
Redirusr & redircmp
Configures the default OU for computers and users so they don’t appear in the default containers when they are added (effectively meaning they only get root domain policies).
As you would guess – it helps keep the default AD containers clean by placing machines straight into an OU and also applying any policies attached.
powershell – move machine types to certain OUs in active directory
-------------- select additional parameters ----------------------
Get-ADComputer -Filter * -Properties ipv4Address, OperatingSystem, OperatingSystemServicePack | Format-table name, ipv4*, operatingsystem
-------------- move script -----------------
[cmdletbinding()]
param (
[parameter(mandatory=$true)]
$TargetOU
)
Import-Module ActiveDirectory
$Domain = [ADSI]""
$DN=$domain.distinguishedName
$SourcePath = "CN=Computers," + $DN
$Computers = Get-ADComputer -Filter * -SearchBase $SourcePath
if(!$Computers) {
write-host "No Computers are found in default container"
return
}
foreach ($Computer in $Computers) {
if(!(Move-ADObject $Computer -TargetPath $TargetOU)) {
$Status = "SUCCESS"
} else {
$Status = "FAILED"
}
$OutputObj = New-Object -TypeName PSobject
$OutputObj | Add-Member -MemberType NoteProperty -Name ComputerName -Value $Computer.Name.tostring()
$OutputObj | Add-Member -MemberType NoteProperty -Name SourcePath -Value $SourcePath
$OutputObj | Add-Member -MemberType NoteProperty -Name DestinationPath -Value $TargetOU
$OutputObj | Add-Member -MemberType NoteProperty -Name Status -Value $Status
$OutputObj
}