CleanupMonster

This module provides an easy way to cleanup Active Directory from dead/old objects based on various criteria. It can also disable, move or delete objects. It can utilize Azure AD, Intune and Jamf to get additional information about objects before deleting them.

Stars138

Forks18

Open issues0

PowerShell Gallery downloads25529

Releasev3.1.7

Language: PowerShell Updated: 2026-03-10T14:49:12.0000000+00:00

Documentation

CleanupMonster Overview

When to use CleanupMonster and what it covers.

Use CleanupMonster when Active Directory cleanup needs to be staged, reviewable, and repeatable instead of a one-off delete script.

The module covers stale computer cleanup, managed service account cleanup, and SID history cleanup. The safest pattern is to generate a report, review the selected objects, then enable actions with low limits and explicit filters.

Common tasks

Preview stale computer cleanup before disabling or deleting objects.
Disable or delete stale MSA and gMSA accounts with explicit include and exclude filters.
Review SID history before removal.
Generate HTML reports for handoff and approval.