Register

Forgot Password

Site FAQ

Home > IT Answers > Microsoft Windows > Home directory clean up on Active Directory W...

Regba

20 pts.

Home directory clean up on Active Directory Windows Server 2003

Home Directory, Active Directory, Windows Server 2003, Group Policy

I am looking to clean up a large amount of user home directories. I am trying to find a way to find user directories that belong to disabled user accounts or belong to no user account at all. Does anyone have a process for this or know of a utility that will generate a report with this information and then move the specifics disabled home drives to a folder in bulk? I prefere not to use a third party software maybe a scrypt or batch file...how to do it step by step.

ASKED: Dec 13, 2010 8:58 AM GMT

UPDATED: December 13, 2010 6:34:53 PM GMT

RELATED QUESTIONS

Spadasoe

5,115 pts.

Answer Wiki:

I use Quest PowerGUI with the AD powerpack. The UI is nice, and within the powerpack you can execute queries against your AD quite easily. For what you ask you can display all disabled accounts and add a filter for homedirectory is not empty, then generate a report from the output.

Last Wiki Answer Submitted: Dec 13, 2010 4:22 PM (GMT) by Spadasoe

5,115 pts.

To see other answers submitted to the Answer Wiki View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Dec 13, 2010 6:34 PM (GMT)

I’m an old command line guy so:
For Domain CORP.MYCORP.COM
(You could use DomainRoot depending on what you are looking to do.)
Searching in OU=People

To find the distinguished names of users:
Default gives distinguished names of oubjects.
intersting switches in this case: -disabled | -o SAMID
add -disabled to the DSQuery to only pull disabled objects

dsquery user OU=People,DC=CORP,DC=MYCORP,DC=COM -scope subtree -limit 60000

To get a listing of information that includes the home directory set in AD:

dsquery user OU=People,DC=CORP,DC=PEP,DC=PVT -scope subtree -limit 10 | dsget user -disabled -samid -hmdir

If you don’t set Home Directory in AD, I hope it has SAMID within the directory structure to allow you to search / find on it to match to IDs.

A simple FOR loop can parse the information and move directories of disabled accounts to a holding location.
Using a more complex FOR loop with logic you could drop a flag files in directories of active users and inactive users.
Using the flag file as a basis you can parse directoried to find those not associated with an existing ID.

Pjb0222

3,310 pts.

Ask a Question

Browse IT Answers by Topic

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2012, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags