How to cleanup in AD deleted devices via Powershell in ConfigMgr 2012 SP1

How to cleanup in AD deleted devices via Powershell in ConfigMgr 2012 SP1

sccm2012-logoI am not a real scripting guy but for one of my customers I wrote a Powershell script that allows you to delete devices in Configuration Manager 2012 SP1 that have been deleted from the Active Directory. This way the customer is able to keep its Configuration Manager database clean and update date. With the release of Service Pack 1 for Configuration Manager you are able to use real Configuration Manager cmdlets instead of connecting through WMI to your Configuration Manager 2012 site. Scripting has become easy 😉

The script checks every device that is available in the All Systems collection if it is still available in Active Directory and it will delete devices that comply to the following rules:

  • The device is available in ConfigMgr but not in Active Directory
  • The device is not a member of a Workgroup
  • The device is not a mobile device
  • The device is not manually imported for Operating System Deployment

Before you are able to use the script you need to configure some variables, you can find these just beneath the comments in the header of the script;

  • $sitecode = “<sitecode>:”
  • $sitecode = “PS1:
  • $installdrive = “<ConfigMgr Admin Console installation>
  • $installdrive = “C:
  • $loglocation = “<loglocation>
  • $loglocation = “D:Logfiles
  • $localdomain = “<domainname>
  • $localdomain = “ConfigMgrLab

Prerequisites to use this script are:

  • Powershell 3.0 (x86)
  • System Center 2012 Configuration Manager 2012 SP1
  • Active Directory Module for Windows PowerShell

The script RemoveDeletedDevicesFromConfigMgr2012SP1.ps1 uses the cmdlet Get-CMDevices to retrieve the information about the devices from Configuration Manager. After checking if the device is available in Active Directory, part of a workgroup, part of an other domain or mobile device the Remove-CMDevices cmdlet will be used to remove the device from Configuration Manager. Together with the log function of fellow Configuration Manager MVP Kaido Järvemets ( this script will log also if a devices is deleted or why a device is preserved. The script will check the device in Configuration Manager and report back which device does not have an account in the Active Directory you configured.

Log output of the script

Log output of the script

Please let me know what you think, you can download the script here. (

When scheduling this script, be sure that the account you are using has the persmission to delete a device from the All Systems Collection in Configuration Manager.

The script is  provided “AS IS” with no warranties.




I can’t get this to work. The log files return that the two machines I’m testing against have been removed, though the devices (workstations) in question still appear in the console. Running a query on the CM databases returns the two machines as well.
Running SCCM 2012 R2.

Peter Daalmans

Hi Bill,

What variables did you configure?


Chase Roth

The Remove-CMDevice is commented out in the version I downloaded from the Gallery. You may need to remove the “#” from in front of Remove-CMDevice line.

Peter Daalmans


Did you ever get this resolved? I am having the same issue.

Peter Daalmans

Did you remove the # in front of remove-cmdevice? Removing the # will allow you to actually delete the records.

Hi Peter,

I’m trying to use your script on our environment with no success.

I’ve not removed the comment on the line that deletes the computers, I want to get a list first to check if its working, but I don’t get a log file.

The script runs, I get no error messages but no log file, nothing at all. 🙁

Did some changes to see if I could get it to work, like getting the computer collection instead of all systems, but still nothing.

I’m running a 2k8 R2 server with SCCM 2012 SP1 and the Powershell (x86). I’ve set my system to US region just in case.

Thanks in advance for your help.


Peter Daalmans

Hi Sergio, what parameters did you configure?

The script does work for me. I have the following variables defined:

$sitecode = “CM1:”
$installdrive = “C:”
$loglocation = “C:\Program Files\Microsoft Configuration Manager\Logs”
$localdomain = “”
$maxdevices = 200

The script runs and then without error it changes the directory to CM1.

PS C:\> ./RemoveDeletedDevicesFromConfigMgr2012SP1_v0_3.ps1
PS CM1:\>

Hi Peter

We have modified the variables in the script to match my domain, site code etc. When i run the script manually it works as expected, however when i run the script as a scheduled task it deletes a lot of device objects in SCCM that still present in Active Directory.

Any ideas/ help would be appreciated. Has anyone else had the same issue?

Great script by the way!



Peter Daalmans

Hi Graig, can you please share the script with me via peter at ? Thanks!

Trackbacks for this post

Leave a Reply

Time limit is exhausted. Please reload CAPTCHA.

Read previous post:
My top 10 new features of ConfigMgr 2012 SP1 – part 5

In my series about my top 10 of new features in Configuration Manager 2012 SP1 Read more