PowerShell Script Cleanup-AdminCount

A little tip for administrators of Windows systems: Mark Heitbrink has built a small PowerShell script that checks Active Directory for orphaned administrator accounts and cleans up such leftovers. The script can do a few more things as well.

Recently I came across a post by Mark Heitbrink on Facebook in a group called gruppenrichtlinien. I thought I would share it here on the blog.

Cleanup-AdminCount PS script

Mark has published the PowerShell script Cleanup-AdminCount on GitHub and writes about his solution:

A language independent(!) PowerShell script to remove orphaned AdminCounts on user objects in AD and enable ACL inheritance. Repair user accounts, protected by the sdprop/AdminSDHolder process in Active Directory, that are no longer members of protected groups.

The script, which is provided under the MIT license, does not work with the display name of the group but uses the well-known SID. Details on the functions and how to call them can be found on the GitHub page.
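To illustrate the idea described above, here is a read-only audit sketch added for this article; it is not Mark Heitbrink's script and does not reproduce its functions. It lists users that still carry adminCount=1 but are no longer in a protected group, resolving the groups by well-known SID. Assumptions: the ActiveDirectory module is installed, the forest has a single domain, and the SID list (my own selection) covers the default protected groups.

```powershell
# Added example: read-only report; it changes nothing in the directory.
# Requires the ActiveDirectory module (RSAT) and read access to the domain.
Import-Module ActiveDirectory

$domainSid = (Get-ADDomain).DomainSID.Value

# Protected groups addressed by well-known SID, never by display name, so the
# lookup also works where group names are localized (e.g. a German AD).
# Assumption: default protected groups, single-domain forest.
$protectedSids = @(
    'S-1-5-32-544'        # Administrators
    'S-1-5-32-548'        # Account Operators
    'S-1-5-32-549'        # Server Operators
    'S-1-5-32-550'        # Print Operators
    'S-1-5-32-551'        # Backup Operators
    'S-1-5-32-552'        # Replicator
    "$domainSid-512"      # Domain Admins
    "$domainSid-516"      # Domain Controllers
    "$domainSid-518"      # Schema Admins
    "$domainSid-519"      # Enterprise Admins
    "$domainSid-521"      # Read-only Domain Controllers
)

# Collect every direct and nested member of the protected groups.
$protectedDns = [System.Collections.Generic.HashSet[string]]::new(
    [System.StringComparer]::OrdinalIgnoreCase)
foreach ($sid in $protectedSids) {
    try {
        Get-ADGroupMember -Identity $sid -Recursive -ErrorAction Stop |
            ForEach-Object { [void]$protectedDns.Add($_.DistinguishedName) }
    } catch {
        Write-Warning "Group $sid could not be read: $($_.Exception.Message)"
    }
}

# Users flagged by sdprop (adminCount=1) that are no longer protected members.
# krbtgt (RID 502) is protected as an account, not via a group, so skip it.
Get-ADUser -LDAPFilter '(adminCount=1)' -Properties adminCount, nTSecurityDescriptor |
    Where-Object {
        $_.SID.Value -ne "$domainSid-502" -and
        -not $protectedDns.Contains($_.DistinguishedName)
    } |
    Select-Object SamAccountName, DistinguishedName,
        @{ n = 'InheritanceDisabled'; e = { $_.nTSecurityDescriptor.AreAccessRulesProtected } }
```

If a group lookup produced a warning, its members are missing from the comparison, so treat that run's list as incomplete before acting on it.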
