-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDelete-EnactiveScomAgents.ps1
69 lines (53 loc) · 2.27 KB
/
Delete-EnactiveScomAgents.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#THis script deletes the scoma agents if the computer account of the scom agent did not reset thes computer account password older than $daysold.
#Requires -Modules ActiveDirectory,OperationsManager
Import-Module OperationsManager,ActiveDirectory
$ManagementServer=Get-SCOMManagementServer -Name $Env:ComputerName*
$ADFilter = '(&(operatingSystem=*Server*)(objectClass=computer))'
$DaysOld=90
function New-Collection ( [type] $type )
{
$typeAssemblyName = $type.AssemblyQualifiedName;
$collection = new-object "System.Collections.ObjectModel.Collection``1[[$typeAssemblyName]]";
return ,($collection);
}
Function Delete-Agent {
Param(
[string[]]$AgentComputerName,
[string]$MSServer
)
[System.Reflection.Assembly]::Load("Microsoft.EnterpriseManagement.Core, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35")
[System.Reflection.Assembly]::Load("Microsoft.EnterpriseManagement.OperationsManager, Version=7.0.5000.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35")
# Connect to management group
Write-output "Connecting to management group"
$ConnectionSetting = New-Object Microsoft.EnterpriseManagement.ManagementGroup($MSServer)
$admin = $ConnectionSetting.GetAdministration()
Write-output "Getting agent managed computers"
$agentManagedComputers = $admin.GetAllAgentManagedComputers()
# Get list of agents to delete
foreach ($name in $AgentComputerName)
{
Write-output "Checking for $name"
foreach ($agent in $agentManagedComputers)
{
if ($deleteCollection -eq $null)
{
$deleteCollection = new-collection $agent.GetType()
}
if (@($agent.PrincipalName -eq $name))
{
Write-output "Matched $name"
$deleteCollection.Add($agent)
break
}
}
}
if ($deleteCollection.Count -gt 0)
{
Write-output "Deleting agents"
$admin.DeleteAgentManagedComputers($deleteCollection)
if($?){ Write-output "Agents deleted" }
}
}
$OldDays=[DateTime]::Today.AddDays(-1*$DaysOld)
$Computers = Get-ADComputer -LDAPFilter $ADFilter -Properties PasswordLastSet,OperatingSystem | where {$_.PasswordLastSet -le $OldDays}
Delete-Agent -AgentComputerName $Computers.DnsHostName -MSServer $Env:ComputerName