Use PowerShell to Find Windows XP Computers Still Alive in Your Active Directory Domain
PS PSA – PowerShell Public Service Announcement
Usually I like to offer deep technical content on the blog, but today I’m going to keep it simple. Everyone should be keenly aware that Windows XP support officially ends on April 8, 2014. Many companies are migrating from Windows XP and need a quick script to check their progress. This is a simple solution with a couple variations to meet your needs.
Get-ADComputer
If you have tinkered at all with the AD PowerShell module, then this cmdlet should be familiar to you. Lucky for us Active Directory tracks the operating system of computers. Listing all the Windows XP computers in the domain can be as simple as this:
PS C:\> Import-Module ActiveDirectory
PS C:\> Get-ADComputer -Filter {OperatingSystem -like "*XP*"}
It is worth noting that the OperatingSystem attribute is not stored in the global catalog, so you will need to query each domain separately.
Beyond the basic attributes returned in the default set it would be nice to see date stamp fields that can help us determine if the Windows XP computer account is still active. In a previous post I discussed some tips on working with date fields in AD, and we’re going to use that technique here. We’ll also snag the relevant operating system attributes. Notice that I’m not using the infamous “-Properties *” option. For efficiency I list only the specific fields that I want to query and display. Finally, I’ve thrown in some PowerShell magic to grab the owner recorded on the account.
PS C:\> $XP = Get-ADComputer -Filter {OperatingSystem -like "*XP*"} `
-Properties Name, DNSHostName, OperatingSystem, `
OperatingSystemServicePack, OperatingSystemVersion, PasswordLastSet, `
whenCreated, whenChanged, LastLogonTimestamp, nTSecurityDescriptor, `
DistinguishedName |
Select-Object Name, DNSHostName, OperatingSystem, `
OperatingSystemServicePack, OperatingSystemVersion, PasswordLastSet, `
whenCreated, whenChanged, `
@{name='LastLogonTimestampDT';`
Expression={[datetime]::FromFileTimeUTC($_.LastLogonTimestamp)}}, `
@{name='Owner';`
Expression={$_.nTSecurityDescriptor.Owner}}, `
DistinguishedName
Next we will insert a Where-Object in the middle of the pipeline to restrict the output to only machines that have been active in the last 90 days. We do this by filtering on the whenChanged attribute. This date is updated anytime the AD computer object is updated for any reason. It is a shortcut to checking account staleness. Adjust this number to your needs.
PS C:\> $XP = Get-ADComputer -Filter {OperatingSystem -like "*XP*"} `
-Properties Name, DNSHostName, OperatingSystem, `
OperatingSystemServicePack, OperatingSystemVersion, PasswordLastSet, `
whenCreated, whenChanged, LastLogonTimestamp, nTSecurityDescriptor, `
DistinguishedName |
Where-Object {$_.whenChanged -gt $((Get-Date).AddDays(-90))} |
Select-Object Name, DNSHostName, OperatingSystem, `
OperatingSystemServicePack, OperatingSystemVersion, PasswordLastSet, `
whenCreated, whenChanged, `
@{name='LastLogonTimestampDT';`
Expression={[datetime]::FromFileTimeUTC($_.LastLogonTimestamp)}}, `
@{name='Owner';`
Expression={$_.nTSecurityDescriptor.Owner}}, `
DistinguishedName
Once we have our results in a variable, $XP, we can work with the output a number of ways: display it in a handy gridview, export it to CSV, or get a count of active XP machines.
PS C:\> $XP | Out-GridView
PS C:\> $XP | Export-CSV .\xp.csv
PS C:\> ($XP | Measure-Object).Count
I have posted the script samples above over at the TechNet Script Gallery for you to download and modify to your needs.
How much time do I have?
You may be curious how to calculate the number of support days remaining. The cmdlet New-Timespan makes this easy:
PS C:\> (New-TimeSpan -End (Get-Date -Day 8 -Month 4 -Year 2014 `
-Hour 0 -Minute 0 -Second 0)).TotalDays
Windows XP Migration Resources
Here is a list of related resources for Windows XP end-of-life:
Support for Windows XP and Office 2003 ends (including countdown timer)
https://www.microsoft.com/en-us/windows/business/retiring-xp.aspx
Microsoft Security Essentials ends for Windows XP
https://windows.microsoft.com/en-us/windows/end-support-help
Windows XP to Windows 7 Migration Guide
https://technet.microsoft.com/en-us/windows/ee150430
Windows 8.1 Migration Resources
https://technet.microsoft.com/en-us/windows/hh771457
Windows XP end of support enterprise resources
https://www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx
Jumpstart your Windows XP Migration with the help of Microsoft Services
https://www.microsoft.com/en-us/microsoftservices/windows_xp_migration_jumpstart_service.aspx
Comments
- Anonymous
February 07, 2014
Hello, Jeff Stokes here, the dude as it were...so, if you hadn't noticed, XP end of life is quite - Anonymous
April 03, 2014
Is LastLogonDate not the already-prettified version of LastLogonTimestamp? - Anonymous
April 14, 2014
Here is a classic article that explains the nuances of LastLogonTimeStamp that I used in this one-liner.
http://blogs.technet.com/b/askds/archive/2009/04/15/the-lastlogontimestamp-attribute-what-it-was-designed-for-and-how-it-works.aspx - Anonymous
July 09, 2014
When I use the variable $XP, the lastlogontimestamp isn't included in the .csv, but it displays when I don't use the variable and displays on the screen. - Anonymous
July 09, 2014
Hi Brian, I would need to see your code to understand why this is happening. - Anonymous
August 07, 2014
The comment has been removed - Anonymous
September 04, 2014
Helpful, thanks a bunch! :) - Anonymous
October 29, 2014
Welcome! Today’s post includes demo scripts and links from the Microsoft Virtual Academy event: Using PowerShell for Active Directory . We had a great time creating this for you, and I hope you will share it with anyone needing to ramp up their - Anonymous
June 22, 2015
I need to get active computer on active directory - Anonymous
July 27, 2015
Hi,
is it possible to find out which client how long is online?
Best regards. Rene - Anonymous
March 09, 2016
Great, thank you.