As a PowerShell beginner you're probably a Googling maniac; I was definitely. �As you go out and find script snippets out there you'll find that a ton of examples demonstrate a concept of reading computer names from a text file. �When someone is demonstrating how to run a command on multiple computers it is the easiest way; just dump some computers in a text file, save it and then use Get-Content or Import-CSV. �I strongly encourage you to NOT do this.

Using a text file isn't necessarily bad practice to do so. �It's because you're probably performing some manual process to get those computers into the file when you don't have to! �Instead of dropping in a bunch of computer names into a file I strongly encourage you to think about how you're getting those computer names and set that criteria in the script.

When you just blindly dump a bunch of computer names in a text file you're probably getting from Active Directory, a database, DNS, etc. �The source doesn't really matter. � What you may not realize is that with just a few more lines of code in that script you not only remove the manual process of creating the text file you're also making your script more dynamic and portable. �Here's a great example.

I once had 2 Vbscript scripts that disabled computer accounts based on lastLogonDate that probably took me 10+ minutes of my time to run.

Occasionally, I would manually go into AD and sort all computers by the lastLogonDate and copy them all out into a text file. �I then Googled for how to read lines from a text file and slapped that onto another script that then removed all the computer accounts with recent lastLogonDate attributes which created another text file. �Finally, I had a script that read that list and disabled the accounts. �This was crazy but it was the quickest way I could see how to do it at the time.

I was just blindly copying/pasting code that I found and shoehorning it into the task I was trying to accomplish.

Doing this had 3 distinct problems:

  1. Manual intervention - I was charged with finding all AD computers and copying/pasting them into a text file.
  2. Introducing more complexity than necessary - What if the folder I was writing these text files to didn't have the right permissions? �What if I goofed up the file names in the script? �These were questions that I didn't have to even think about if I'd have written it right.
  3. Too static - The computer name set would change all the time. �This is why I was constantly copying/pasting a new set of computers. �I needed to leave this script more flexible so that I could run it numerous times over an extended period of time and it'd just work every time.

What was the right way to do it? �Something like this:

Import-Module ActiveDirectory
$DaysOld = 90
$OldDate = (Get-Date).AddDays("-$DaysOld")
Get-AdUser -Filter * -Properties samAccountName,lastlogondate | Where-Object { ($_.lastlogondate -le $OldDate) -and ($_.Enabled -eq $True)} | Disable-AdAccount -Confirm:$false 

I now removed the task of me doing the copy/paste, I greatly simplified the code by first moving to Powershell and then removing all the text files completely. Finally, I enabled the script to be much more flexible. I can now run it at any time of the year and it will always be accurate!

This is just an example with Active Directory. You can apply this to whatever source you get the computer names from. Simply define your criteria (90 days old) and then write the script to pull from the source directly instead of introducing an unnecessary step of creating that text file.

Join the Jar Tippers on Patreon

It takes a lot of time to write detailed blog posts like this one. In a single-income family, this blog is one way I depend on to keep the lights on. I'd be eternally grateful if you could become a Patreon patron today!

Become a Patron!