Difference between revisions of "Inactive AD accounts"
Jump to navigation
Jump to search
| Line 11: | Line 11: | ||
Select-Object Name, SamAccountName, PasswordLastSet, LastLogonDate, Enabled | Select-Object Name, SamAccountName, PasswordLastSet, LastLogonDate, Enabled | ||
$usersNoPasswordReset | Format-Table -AutoSize | $usersNoPasswordReset | Format-Table -AutoSize | ||
| + | ``` | ||
| + | |||
| + | ``` | ||
| + | Import-Module ActiveDirectory | ||
| + | |||
| + | $textFilePath = "users.txt" | ||
| + | $usernames = Get-Content -Path $textFilePath | ||
| + | foreach ($username in $usernames) { | ||
| + | try { | ||
| + | Disable-ADAccount -Identity $username -ErrorAction Stop | ||
| + | # Remove-ADUser -Identity $username -Confirm:$false -ErrorAction Stop | ||
| + | Write-Output "Disabled account: $username" | ||
| + | } catch { | ||
| + | Write-Error "Failed to disable account: $username. Error: $_" | ||
| + | } | ||
| + | } | ||
``` | ``` | ||
Revision as of 16:41, 15 August 2024
Get inactive accounts
Import-Module ActiveDirectory
$ouPath = "OU=Some Accounts,DC=example,DC=com"
$usersNoPasswordReset = Get-ADUser -Filter {
PasswordLastSet -gt "7/11/2023 00:00:00 AM" -and
LastLogonDate -lt "7/11/2023 00:00:00 AM" -and
SamAccountName -like "somesvc-*" -and
Enabled -eq $true
} -SearchBase $ouPath -Properties PasswordLastSet, LastLogonDate, Enabled |
Select-Object Name, SamAccountName, PasswordLastSet, LastLogonDate, Enabled
$usersNoPasswordReset | Format-Table -AutoSize
Import-Module ActiveDirectory
$textFilePath = "users.txt"
$usernames = Get-Content -Path $textFilePath
foreach ($username in $usernames) {
try {
Disable-ADAccount -Identity $username -ErrorAction Stop
# Remove-ADUser -Identity $username -Confirm:$false -ErrorAction Stop
Write-Output "Disabled account: $username"
} catch {
Write-Error "Failed to disable account: $username. Error: $_"
}
}