I'm sick of googling for this the few times per year I need it, so putting it here for future reference:
To identify stale computer account in your Active Directory, you can look at the last time they changed their passwords. Windows 2000 and later machines will change their computer accounts every 30 days by default. Machine accounts that have gone more than 30 days without changing their account passwords are probably no longer in use (or they have a problem preventing them from communicating with the domain controller(s)).
The easiest way to enumerate machine account password age is a free tool called NetPWAge by the folks over at SystemTools.com. Once downloaded, the syntax is simple:
NetPWAge /machines /domain:YOURDOMAINHERE /tabs > MachineAccts.txt
You can paste or import the results into Excel and do some fancy sorting to find out which machines need to get the boot.
Edited to add: I should mention that domain controllers themselves do not follow the 30-day rule, so don't go deleting them based on this scan. You know not to go deleting your domain controllers though, right?