-2

I have to audit whole Active Directory domain computers with software. I find out that old admin deployed Audit software for Group 'Audit_Software'. My goal is find all computers in domain which dont have 'Audit_Software' membership.

eg. 'Audit_Software' contain 2x computer accounts 'netbios_PC1' 'netbios_PC2'

but whole domain have many more computer accounts without that group. How to use powershell to find computer accounts in AD (all containers) without 'Audit_Software' group ??

Curl User
  • 115
  • 1
  • 3
  • 12
  • 1
    You need to tell what you have tried, what didn't work, and specifically _how_ it didn't work (i.e., precise error messages). – Bill_Stewart Apr 29 '15 at 15:45

1 Answers1

1

Enumerate the members of that group like this:

$group = Get-ADGroup -Identity 'Audit_Software'
$members = Get-ADGroupMember -Identity $group | select -Expand Name

then enumerate all computers and filter for those whose name is not in that list:

Get-ADComputer -Filter * | ? { $members -notcontains $_.Name }
Ansgar Wiechers
  • 193,178
  • 25
  • 254
  • 328