Jump to content


Centaur63

Query for Disabled Computers

By Centaur63, in Configuration Manager 2007

Recommended Posts

Centaur63 Newbie

Centaur63

Posted
Posted

How do i Setup a collection to find all the Disabled computers? I am cleaning up my ADUC and there are alot of computers that I disbaled that have not been on the network for sometimes. I am unble to delete them from ADUC just yet. Because i need to be sure they are no in use anymore.

 

Is here a way for me to setup a collection in SCCM that querys all the disabled computers?

Share this post

Link to post
Share on other sites
Eswar Koneti Newbie

Eswar Koneti

Posted
Posted

How do i Setup a collection to find all the Disabled computers? I am cleaning up my ADUC and there are alot of computers that I disbaled that have not been on the network for sometimes. I am unble to delete them from ADUC just yet. Because i need to be sure they are no in use anymore.

 

Is here a way for me to setup a collection in SCCM that querys all the disabled computers?

 

 

Take a look at this post http://social.techne...eb-8ec3fe9a69d7

 

Here are some of the values on User Account Control:

 

4096 is a plain computer account.

4098 is 4096 + 2, so this would be a disabled computer account.

4128 is 4096 + 32, so this would be a computer account that doesn't require a password.

532480 is 524288 + 8192, so this would be a domain controller account that's trusted for delegation.

 

More info http://support.microsoft.com/kb/305144

Share this post

Link to post
Share on other sites
Centaur63 Newbie

Centaur63

Posted
Posted

 

 

Thanks, UAC on the computer resource should have 4098 in it correct. The machines have 4096 along with some of the active machines on the network.

 

It dosnt seem to be picking up these computers.

Share this post

Link to post
Share on other sites
Eswar Koneti Newbie

Eswar Koneti

Posted
Posted

Thanks, UAC on the computer resource should have 4098 in it correct. The machines have 4096 along with some of the active machines on the network.

 

It dosnt seem to be picking up these computers.

 

 

If you have taken look at http://social.technet.microsoft.com/Forums/en-US/configmgrgeneral/thread/041a95cb-6c65-4d64-abeb-8ec3fe9a69d7 post,Sullivan posted a script

Share this post

Link to post
Share on other sites
Centaur63 Newbie

Centaur63

Posted
Posted

Take a look at this post http://social.techne...eb-8ec3fe9a69d7

 

Here are some of the values on User Account Control:

 

4096 is a plain computer account.

4098 is 4096 + 2, so this would be a disabled computer account.

4128 is 4096 + 32, so this would be a computer account that doesn't require a password.

532480 is 524288 + 8192, so this would be a domain controller account that's trusted for delegation.

 

More info http://support.microsoft.com/kb/305144

 

Thanks alot,

 

This is my query statement:

select SMS_R_SYSTEM.ResourceID,SMS_R_SYSTEM.ResourceType,SMS_R_SYSTEM.Name,SMS_R_SYSTEM.SMSUniqueIdentifier,SMS_R_SYSTEM.ResourceDomainORWorkgroup,SMS_R_SYSTEM.Client from SMS_R_System where SMS_R_System.UserAccountControl = "4098"

 

 

I will give it 30-40 mins and see if it populates the computers.

Share this post

Link to post
Share on other sites
Eswar Koneti Newbie

Eswar Koneti

Posted
Posted

Is it possible to put them into a group and have it populate the list that way so i can clean up sccm? Right now nothing is being populated?

 

 

Or Else,you can use site maintanance tasks to delete agent discovery data or other tasks.

OR Try moving all the diasbled computers to One OU in AD and create a collection with OU filter to list all the disabled computers and use delete special.

Share this post

Link to post
Share on other sites
Zaxxon2009 Newbie

Zaxxon2009

Posted
Posted

Or Else,you can use site maintanance tasks to delete agent discovery data or other tasks.

OR Try moving all the diasbled computers to One OU in AD and create a collection with OU filter to list all the disabled computers and use delete special.

 

I have the same problem, but when i populate the query using the tag "4098" nothing shows up. If i for test uses "4096" all clients pops up, even those that are disabled and moved into a specific OU.

Is there a chance you migh post a sample query to list all disabled computers in a specific OU?

 

Or even hint how to exactly do a query to NOT add disabled computers? It doesnt seem to help what i query for, it wont populate the right info, i get all clients, even those specificly disabled and moved to a specific OU.

Atm i have about 90 clients in my "disabled" OU, but they still show up in "All Systems".

 

I also changed in discovery method, to only scan specific OU's, Not choosing the disabled clients OU at all. And they still shows up in all system.

 

Cheers

 

/Zed

Share this post

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.