Home ยป PowerShell ยป Remove-AdComputer in Active Directory

Remove-AdComputer in Active Directory

Remove-AdComputer cmdlet in PowerShell removes an Active Directory computer. The Identity parameter specifies the ad computer to remove using GUID, Distinguished Name, Security Identifier, or SAMAccountName.

Active Directory Administrators are responsible for active directory management like domain management, creating users, and managing computer objects, and groups in an active directory. As an admin, we have to keep track of inactive adcomputer and remove adcomputer which is inactive or never logged on.

Get-AdComputer cmdlet in Active Directory is used to get adcomputer from the active directory based on search criteria and pass adcomputer objects to Remove-AdComputer to remove computers from the active directory.

In this blog post, I will explain how to use Remove-AdComputer in the Active directory to remove adcomputer, delete all computers from a specified location and remove adcomputer and all leaf objects that are located in a specified directory.

Remove-AdComputer Syntax

Remove-AdComputer removes an active directory computer.

Syntax:

Remove-ADComputer
      [-WhatIf]
      [-Confirm]
      [-AuthType <ADAuthType>]
      [-Credential <PSCredential>]
      [-Identity] <ADComputer>
      [-Partition <String>]
      [-Server <String>]
      [<CommonParameters>]

Parameters:

โ€“AuthType โ€“ It specifies the authentication method to use. AuthType parameter accepts either Basic (or 1) or Negotiate (or 0). It has Negotiate default authentication method.

SSL (Secure Socket Layer) connection is required to use the Basic Authentication method.

โ€“Credential PSCredential โ€“ It specifies user credentials required to perform the Remove-AdComputer task. It default accepts the credentials of logged-on users.

To use the Credential parameter, use username as User1 or domain\User1 or you can create and use PSCredential object by using Get-Credential cmdlet.

-Identity โ€“ It specifies Active Directory object using a distinguished name, GUID, security identifier or SAMAccountName

-Partition โ€“ It specifies the distinguished name of an active directory partition.

Remove-AdComputer from Active Directory

To delete adcomputer from an active directory that is inactive or never logged on in xx days, use Remove-AdComputer as below

Remove-ADComputer -Identity "HR-101"

In the above PowerShell script, Remove-AdComputer removes computer from the active directory specified by the Identity parameter.

When we run the above command, it will prompt us to perform the action below

remove-adcomputer in active directory
Remove-AdComputer in Active Directory

On Y or Yes to All option selection, Remove-AdComputer removes the active directory computer.

Remove all AdComputer from Specified Location

If you want to remove all adcomputer from a specified location, you need to use the Get-AdComputer cmdlet to get ad computers using Filter conditions as below

Get-ADComputer -Filter 'Location -eq "EU/RHS"' | Remove-ADComputer

In the above PowerShell script,

Get-AdComputer get ad computers from a location using a Filter parameter where the Location is equal to the EU/RHS region and passes the output to the second command.

Remove-AdComputer deletes ad computer from the active directory retrieved using the Get-AdComputer cmdlet.

The output of the above script to get adcomputers from location and remove-adcomputer as below

remove-adcomputer from location
Remove-AdComputer from Location

Remove-AdComputer cmdlet asks for the prompt to confirm remove computer from active directory.

Remove AdComputer No Confirm

To remove adcomputer without prompt in a specified location using Remove-AdComputer run the below command

Get-ADComputer -Filter 'Location -eq "EU/RHS"' | Remove-ADComputer -Confirm:$False

In the above PowerShell script, remove-adcomputer cmdlet deletes computers from the active directory retrieved using Get-AdComputer.

Confirm:$False parameter does not prompt for confirmation to remove adcomputer.

Cool Tip: Using Group Managed Service Accounts in Active Directory!

Conclusion

In the above article, we learned to remove adcomputer from a specified location or remove the specified adcomputer using the distinguished name specified using the Identity parameter.

Remove-AdComputer remove computer from the active directory, you need to use Get-AdComputer to get ad computers from the active directory.

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.

Leave a Comment