This prints disabled computer accounts to the screen. I want to run a conditional statement against the results and, if true, move them to my "disabled" OU.
get-adcomputer -ldapfilter "(&(objectCategory=computer)(objectClass=computer)(useraccountcontrol:1.2.840.113556.1.4.803:=2))"|select Name, enabled
Get-ADComputer -LDAPFilter "(&(objectCategory=computer)(objectClass=computer)(useraccountcontrol:1.2.840.113556.1.4.803:=2))" | Move-ADObject -TargetPath "OU=disabled,DC=ad,DC=example,DC=net"
Note: This will catch all the computers currently in the OU. You'd need to limit the scope of the search to filter them out otherwise it will retry the move (I'm not sure if it'll fail for those computers, or just skip them)
TheCleaner also wanted me to mention that you can add a -Filter {(DistinguishedName -notlike "OU=disabled,DC=ad,DC=example,DC=net")} to that Get-ADComputer statement to filter out the already moved computer.
It is easy to do this through Active Directory Users and Computers GUI. You can view all the disabled computers and then select all and move to the needed OU.
To achieve it, you just need to create a Saved Query in Active Directory Users and Computers, Saved queries -> right click -> New -> query -> Click Define query -> Select Custom Search mode -> Advanced -> paste the following query.
"(&(objectCategory=computer)(objectClass=computer)(useraccountcontrol:1.2.840.113556.1.4.803:=2))"
Had to share the new stuffzz.. Old post I know, but I had to do this today for a client... :)
Get-ADComputer -Filter {(Enabled -eq $False)} | Move-ADObject -TargetPath "OU=ToBeRemoved,DC=dc,DC=example,DC=com"
