Thursday, December 5, 2024
HomePowershellMastering Lively Listing Hygiene: Automating Stale Laptop Cleanup with CleanupMonster

Mastering Lively Listing Hygiene: Automating Stale Laptop Cleanup with CleanupMonster


# connect with graph for E-mail sending
Join-MgGraph -Scopes Mail.Ship -NoWelcome

$invokeADComputersCleanupSplat = @{
    #ExcludeDomains="advert.evotec.xyz"
    # security limits (minimal quantity of computer systems that must be returned from every supply)
    SafetyADLimit                       = 30
    #SafetyAzureADLimit                  = 5
    #SafetyIntuneLimit                   = 3
    #SafetyJamfLimit                     = 50
    # disable settings
    Disable                             = $true
    DisableAndMove                      = $true
    DisableAndMoveOrder="DisableAndMove" # DisableAndMove, MoveAndDisable
    #DisableIsEnabled                    = $true
    DisableLimit                        = 1
    DisableLastLogonDateMoreThan        = 90
    DisablePasswordLastSetMoreThan      = 90
    #DisableLastSeenAzureMoreThan        = 90
    DisableRequireWhenCreatedMoreThan       = 90

    DisablePasswordLastSetOlderThan     = Get-Date -Yr 2023 -Month 1 -Day 1
    #DisableLastSyncAzureMoreThan   = 90
    #DisableLastContactJamfMoreThan = 90
    #DisableLastSeenIntuneMoreThan       = 90
    DisableMoveTargetOrganizationalUnit = @{
        'advert.evotec.xyz' = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=xyz'
        'advert.evotec.pl'  = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=pl'
    }

    # transfer settings
    Transfer                                = $false
    MoveLimit                           = 1
    MoveLastLogonDateMoreThan           = 90
    MovePasswordLastSetMoreThan         = 90
    #MoveLastSeenAzureMoreThan    = 180
    #MoveLastSyncAzureMoreThan    = 180
    #MoveLastContactJamfMoreThan  = 180
    #MoveLastSeenIntuneMoreThan   = 180
    #MoveListProcessedMoreThan    = 90 # disabled laptop has to spend 90 days in record earlier than it may be deleted
    MoveIsEnabled                       = $false # Laptop must be disabled to be moved
    MoveTargetOrganizationalUnit        = @{
        'advert.evotec.xyz' = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=xyz'
        'advert.evotec.pl'  = 'OU=Disabled,OU=Computer systems,OU=Gadgets,OU=Manufacturing,DC=advert,DC=evotec,DC=pl'
    }

    # delete settings
    Delete                              = $false
    DeleteLimit                         = 2
    DeleteLastLogonDateMoreThan         = 180
    DeletePasswordLastSetMoreThan       = 180
    #DeleteLastSeenAzureMoreThan         = 180
    #DeleteLastSyncAzureMoreThan    = 180
    #DeleteLastContactJamfMoreThan  = 180
    #DeleteLastSeenIntuneMoreThan   = 180
    #DeleteListProcessedMoreThan    = 90 # disabled laptop has to spend 90 days in record earlier than it may be deleted
    DeleteIsEnabled                     = $false # Laptop must be disabled to be deleted
    # world exclusions
    Exclusions                          = @(
        '*OU=Area Controllers*' # exclude Area Controllers
    )
    # filter for AD search
    Filter="*"
    # logs, reviews and datastores
    LogPath                             = "$PSScriptRootLogsCleanupComputers_$((Get-Date).ToString('yyyy-MM-dd_HH_mm_ss')).log"
    DataStorePath                       = "$PSScriptRootCleanupComputers_ListProcessed.xml"
    ReportPath                          = "$PSScriptRootReportsCleanupComputers_$((Get-Date).ToString('yyyy-MM-dd_HH_mm_ss')).html"
    # WhatIf settings
    ReportOnly                          = $false
    WhatIfDisable                       = $true
    WhatIfMove                          = $true
    WhatIfDelete                        = $true
    ShowHTML                            = $true

    DontWriteToEventLog                 = $true
}

$Output = Invoke-ADComputersCleanup @invokeADComputersCleanupSplat

# Now lets ship e-mail utilizing Graph
[Array] $DisabledObjects = $Output.CurrentRun | The place-Object { $_.Motion -eq 'Disable' }
[Array] $DeletedObjects = $Output.CurrentRun | The place-Object { $_.Motion -eq 'Delete' }

$EmailBody = EmailBody -EmailBody {
    EmailText -Textual content "Hi there,"

    EmailText -LineBreak

    EmailText -Textual content "That is an automatic e-mail from Automations run on ", $Env:COMPUTERNAME, " on ", (Get-Date -Format 'yyyy-MM-dd HH:mm:ss'), " by ", $Env:UserName -Shade None, Inexperienced, None, Inexperienced, None, Inexperienced -FontWeight regular, daring, regular, daring, regular, daring

    EmailText -LineBreak

    EmailText -Textual content "Following is a abstract for the pc object cleanup:" -FontWeight daring
    EmailList {
        EmailListItem -Textual content "Objects actioned: ", $Output.CurrentRun.Rely -Shade None, Inexperienced -FontWeight regular, daring
        EmailListItem -Textual content "Objects deleted: ", $DeletedObjects.Rely -Shade None, Salmon -FontWeight regular, daring
        EmailListItem -Textual content "Objects disabled: ", $DisabledObjects.Rely -Shade None, Orange -FontWeight regular, daring
    }

    EmailText -Textual content "Following objects had been actioned:" -LineBreak -FontWeight daring -Shade Salmon
    EmailTable -DataTable $Output.CurrentRun -HideFooter {
        New-HTMLTableCondition -Title 'Motion' -ComparisonType string -Worth 'Delete' -BackGroundColor PinkLace -Inline
        New-HTMLTableCondition -Title 'Motion' -ComparisonType string -Worth 'Disable' -BackGroundColor EnergyYellow -Inline
        New-HTMLTableCondition -Title 'ActionStatus' -ComparisonType string -Worth 'True' -BackGroundColor LightGreen -Inline
        New-HTMLTableCondition -Title 'ActionStatus' -ComparisonType string -Worth 'False' -BackGroundColor Salmon -Inline
        New-HTMLTableCondition -Title 'ActionStatus' -ComparisonType string -Worth 'Whatif' -BackGroundColor LightBlue -Inline
    }

    EmailText -LineBreak

    EmailText -Textual content "Regards,"
    EmailText -Textual content "Automations Group" -FontWeight daring
}

# ship e-mail utilizing Mailozaurr
Ship-EmailMessage -To 'przemyslaw.klys@check.pl' -From 'przemyslaw.klys@check.pl' -MgGraphRequest -Topic "Automated Laptop Cleanup Report" -Physique $EmailBody -Precedence Low -Verbose -WhatIf

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments