Find older OS on a domain
2000,XP, 2003,Vista, 2008, Win 7, etc.
Get-ADComputer -Filter * -Properties OperatingSystem,LastLogonDate | where {$_.OperatingSystem -like "*2000*"} | select Name, OperatingSystem, Created, whenCreated, LastLogonDate, ipv4address | sort LastLogonDate -unique | Export-CSV
I switch around "{$_.OperatingSystem -like "*2000*"}" for the various flavors of Windows I might be looking for. "*Vista*", "*2003*", etc.
Some Kerberos Things
Get-ADComputer -Filter {TrustedForDelegation -eq $true -and primarygroupid -eq 515} -Properties trustedfordelegation,serviceprincipalname,description
Get-ADComputer -LDAPFilter "(userAccountControl:1.2.840.113556.1.4.803:=524288)"
