1. PDQ Deploy & Inventory Help Center
  2. Community
  3. PDQ Inventory
 

Important Notice: On February 29th, this community was put into read-only mode. All existing posts will remain but customers are unable to add new posts or comment on existing. Please feel to join our Community Discord for any questions and discussions.

Identify computers deleted from AD ("Import Only" selected)

Avatar
Jason Mauai

Is there a way to create a report or collection identifying all computers recently deleted from AD, assuming "Import Only" option is selected in AD Sync preferences?

0

Comments

4 comments
Date Votes
  • Avatar
    Stephen Valdinger

    I believe that this is what you are wanting to get. Typically "Computer name could not be found" as a scan status is a pretty good indicator that either A) the machine has been removed from AD or B) you have a DNS issue with name resolution on that host. Both are valuable.

     

    This XML can be imported into Inventory and run to give you a list:

     

    <?xml version="1.0" encoding="UTF-8"?>

    -<AdminArsenal.Export MinimumVersion="3.1" Version="12.2.0.0" Name="PDQ Inventory" Code="PDQInventory">


    -<Report>


    -<ReportDefinition name="Definition">


    -<Columns type="list">


    -<Column>

    <Column>Name</Column>

    <Summary/>

    <Table>Computer</Table>

    <Title/>

    </Column>


    -<Column>

    <Column>ScanStatus</Column>

    <Summary/>

    <Table/>

    <Title/>

    </Column>

    </Columns>


    -<RootFilter name="Filter">

    <Comparison>All</Comparison>


    -<Filters type="list">


    -<ValueFilter>

    <Table>Computer</Table>

    <Column>ScanStatus</Column>

    <Comparison>Contains</Comparison>

    <Value>Computer name could not be found</Value>

    </ValueFilter>

    </Filters>

    </RootFilter>

    <ReportDefinitionTypeName>BasicReportDefinition</ReportDefinitionTypeName>

    </ReportDefinition>

    <Description>Report gathers scan status equal to "Computer name could not be found". This is indicative of a computer object being removed from AD. NOTE*, this could also identifiy DNS issues.</Description>

    <Name>Computers not in AD</Name>

    <ReportFolderId value="1"/>

    <ReportType>BasicReport</ReportType>

    </Report>

    </AdminArsenal.Export>
    0
  • Avatar
    Seth Lester Leary III

    I'm looking for this same thing, except I'm hoping for exact results, and ideally I'd like them in a dynamic collection.

    The exact results should be possible. It's the same list of computers PDQ Inventory would delete from the database were the sync option changed from "Import Only" to "Mixed Sync".

    0
  • Avatar
    Michael D

    It would be nice to have this as an builtin option in PDQ Inventory so we could filter it out in a collection/report.

    0
  • Avatar
    Michael D

    Or maybe use PowerShell... Get-ADComputer, export to a CSV, and import into a custom field.

    Maybe somehow export a list of the PC from PDQ, query the AD for disabled, then if the computer account is missing, if would return an error code. Then mark the PC as disabled or deleted.

    Not sure it is at all possible.

    0