# connect with graph for E-mail sending
Join-MgGraph -Scopes Mail.Ship -NoWelcome
$invokeADComputersCleanupSplat = @{
#ExcludeDomains="advert.evotec.xyz"
# security limits (minimal quantity of computer systems that must be returned from every supply)
SafetyADLimit = 30
#SafetyAzureADLimit = 5
#SafetyIntuneLimit = 3
#SafetyJamfLimit = 50
# disable settings
Disable = $true
DisableAndMove = $true
DisableAndMoveOrder="DisableAndMove" # DisableAndMove, MoveAndDisable
#DisableIsEnabled = $true
DisableLimit = 1
DisableLastLogonDateMoreThan = 90
DisablePasswordLastSetMoreThan = 90
#DisableLastSeenAzureMoreThan = 90
DisableRequireWhenCreatedMoreThan = 90
DisablePasswordLastSetOlderThan = Get-Date -Yr 2023 -Month 1 -Day 1
#DisableLastSyncAzureMoreThan = 90
#DisableLastContactJamfMoreThan = 90
#DisableLastSeenIntuneMoreThan = 90
DisableMoveTargetOrganizationalUnit = @{
'advert.evotec.xyz' = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=xyz'
'advert.evotec.pl' = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=pl'
}
# transfer settings
Transfer = $false
MoveLimit = 1
MoveLastLogonDateMoreThan = 90
MovePasswordLastSetMoreThan = 90
#MoveLastSeenAzureMoreThan = 180
#MoveLastSyncAzureMoreThan = 180
#MoveLastContactJamfMoreThan = 180
#MoveLastSeenIntuneMoreThan = 180
#MoveListProcessedMoreThan = 90 # disabled laptop has to spend 90 days in record earlier than it may be deleted
MoveIsEnabled = $false # Laptop must be disabled to be moved
MoveTargetOrganizationalUnit = @{
'advert.evotec.xyz' = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=xyz'
'advert.evotec.pl' = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=pl'
}
# delete settings
Delete = $false
DeleteLimit = 2
DeleteLastLogonDateMoreThan = 180
DeletePasswordLastSetMoreThan = 180
#DeleteLastSeenAzureMoreThan = 180
#DeleteLastSyncAzureMoreThan = 180
#DeleteLastContactJamfMoreThan = 180
#DeleteLastSeenIntuneMoreThan = 180
#DeleteListProcessedMoreThan = 90 # disabled laptop has to spend 90 days in record earlier than it may be deleted
DeleteIsEnabled = $false # Laptop must be disabled to be deleted
# world exclusions
Exclusions = @(
'*OU=Area Controllers*' # exclude Area Controllers
)
# filter for AD search
Filter="*"
# logs, reviews and datastores
LogPath = "$PSScriptRootLogsCleanupComputers_$((Get-Date).ToString('yyyy-MM-dd_HH_mm_ss')).log"
DataStorePath = "$PSScriptRootCleanupComputers_ListProcessed.xml"
ReportPath = "$PSScriptRootReportsCleanupComputers_$((Get-Date).ToString('yyyy-MM-dd_HH_mm_ss')).html"
# WhatIf settings
ReportOnly = $false
WhatIfDisable = $true
WhatIfMove = $true
WhatIfDelete = $true
ShowHTML = $true
DontWriteToEventLog = $true
}
$Output = Invoke-ADComputersCleanup @invokeADComputersCleanupSplat
# Now lets ship e-mail utilizing Graph
[Array] $DisabledObjects = $Output.CurrentRun | The place-Object { $_.Motion -eq 'Disable' }
[Array] $DeletedObjects = $Output.CurrentRun | The place-Object { $_.Motion -eq 'Delete' }
$EmailBody = EmailBody -EmailBody {
EmailText -Textual content "Hi there,"
EmailText -LineBreak
EmailText -Textual content "That is an automatic e-mail from Automations run on ", $Env:COMPUTERNAME, " on ", (Get-Date -Format 'yyyy-MM-dd HH:mm:ss'), " by ", $Env:UserName -Shade None, Inexperienced, None, Inexperienced, None, Inexperienced -FontWeight regular, daring, regular, daring, regular, daring
EmailText -LineBreak
EmailText -Textual content "Following is a abstract for the pc object cleanup:" -FontWeight daring
EmailList {
EmailListItem -Textual content "Objects actioned: ", $Output.CurrentRun.Rely -Shade None, Inexperienced -FontWeight regular, daring
EmailListItem -Textual content "Objects deleted: ", $DeletedObjects.Rely -Shade None, Salmon -FontWeight regular, daring
EmailListItem -Textual content "Objects disabled: ", $DisabledObjects.Rely -Shade None, Orange -FontWeight regular, daring
}
EmailText -Textual content "Following objects had been actioned:" -LineBreak -FontWeight daring -Shade Salmon
EmailTable -DataTable $Output.CurrentRun -HideFooter {
New-HTMLTableCondition -Title 'Motion' -ComparisonType string -Worth 'Delete' -BackGroundColor PinkLace -Inline
New-HTMLTableCondition -Title 'Motion' -ComparisonType string -Worth 'Disable' -BackGroundColor EnergyYellow -Inline
New-HTMLTableCondition -Title 'ActionStatus' -ComparisonType string -Worth 'True' -BackGroundColor LightGreen -Inline
New-HTMLTableCondition -Title 'ActionStatus' -ComparisonType string -Worth 'False' -BackGroundColor Salmon -Inline
New-HTMLTableCondition -Title 'ActionStatus' -ComparisonType string -Worth 'Whatif' -BackGroundColor LightBlue -Inline
}
EmailText -LineBreak
EmailText -Textual content "Regards,"
EmailText -Textual content "Automations Group" -FontWeight daring
}
# ship e-mail utilizing Mailozaurr
Ship-EmailMessage -To 'przemyslaw.klys@check.pl' -From 'przemyslaw.klys@check.pl' -MgGraphRequest -Topic "Automated Laptop Cleanup Report" -Physique $EmailBody -Precedence Low -Verbose -WhatIf
