PS Powershell

To see the UUID on a windows system 

PS C:\Program Files\Tenable\Nessus Agent> powershell -Command "[guid]::NewGuid().ToString()" 

81267e4d-e5e0-443c-a6c1-6eb5f7feff7e 

 

PS C:\Program Files\Tenable\Nessus Agent> wmic path win32_computersystemproduct get uuid 

UUID 

F09B7013-6C98-6C82-9764-ACA1C4655174 

 

PS C:\Windows\system32> wmic csproduct get UUID 

UUID 

F09B7013-6C98-6C82-9764-ACA1C4655174 

 

PS C:\Windows\system32> wmic nic get "MACAddress" 

MACAddress 

42:01:0A:FF:0C:15 

 

Get GUID in Windows 

PS C:\Windows\system32> GWMI -namespace root\cimv2 -class win32_volume | FL -property DriveLetter, DeviceID 

 

DriveLetter : C: 

DeviceID    : \\?\Volume{4708e275-1a04-46be-a55a-314eafd64e14}\ 

 

DriveLetter : D: 

DeviceID    : \\?\Volume{dc73bf11-1fec-44bf-a1be-3b6661f56c81}\ 

 

PS C:\Windows\system32> wmic bios get name,serialnumber,version 

Name    SerialNumber                                  Version 

Google  GoogleCloud-13709BF0986C826C9764ACA1C4655174  Google - 1 

 

PS C:\Windows\system32> wmic csproduct get name,identifyingnumber,uuid 

IdentifyingNumber                             Name                   UUID 

GoogleCloud-13709BF0986C826C9764ACA1C4655174  Google Compute Engine  F09B7013-6C98-6C82-9764-ACA1C4655174 

PS C:\Windows\system32> wmic cpu get name,currentclockspeed,maxclockspeed 

CurrentClockSpeed  MaxClockSpeed  Name 

2300               2300           Intel(R) Xeon(R) CPU @ 2.30GHz

 

https://social.technet.microsoft.com/wiki/contents/articles/52273.active-directory-how-to-find-inactive-computers-in.aspx  

Find and export all 90 days stale computers from AD 

$DaysInactive = 90 

$time = (Get-Date).Adddays(-($DaysInactive)) 

Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -ResultPageSize 2000 -resultSetSize $null -Properties Name, OperatingSystem, SamAccountName, DistinguishedName | Export-CSV “C:\Temp\Stale90-days-Comps.txt” –NoTypeInformation  

Get-ADComputer -Filter {LastLogonTimeStamp -lt $time} -ResultPageSize 2000 -resultSetSize $null -Properties Name, OperatingSystem, SamAccountName, DistinguishedName | Export-CSV “C:\Temp\Stale90-days-Comps.csv” –NoTypeInformation  

 

https://community.spiceworks.com/how_to/125704-how-to-find-and-remove-stale-users-and-computers-in-active-directory  

List all the computes in AD  

Get-ADComputer -filter * | select Name | ft 

 

Simple ds query to find and export stale computers and users 

dsquery computer -inactive 8 -limit 500 > c:\temp\computes-AD-8-weeks-stale.txt 

dsquery user -inactive 8 -limit 1000 > c:\temp\users-AD-8-weeks-stale.txt 

 

To disable the inactive computers/users, run: 

dsquery computer -inactive 8 | dsmod computer –disabled yes 

or 

dsquery user -inactive 8 | dsmod user –disabled yes 

 

To find the disabled computers/users and to delete them, run: 

dsquery computer –disabled | dsrm -noprompt 

or 

dsquery user -disabled | dsrm -noprompt 

Note: while using -noprompt, no confirmation will be requested before deletion. 

 

Instead of disabling the inactive computers/users first, one can directly delete them by running : 

dsquery computer -inactive 7 | dsrm -noprompt 

or 

dsquery user -inactive 7 | dsrm -noprompt