Active directory automated cleaning Script for disabled users

by dakseven, posted in Active Directory, PowerShell

Dear all ;

I just got a little script that could be usefull if you plan to used towards an OU

It will Strip the memebership groups, Addresslist exchange membership and ensure is disabled.

You can schedule this script at the last time of the day , please make sure you change the OU to your respective disabled users OU, if you do not have one … It is time to create it !

#Change the value OU for your respective ou!!!

#removes from addresslist the users
get-aduser -Filter * -SearchBase  'OU=Disabled Account, DC=Contoso =Local'| Set-ADUser -Clear showInAddressBook 

#Remove-ADPrincipalGroupMembership 
get-aduser -Filter * -SearchBase  'OU=Disabled Account, DC=Contoso =Local' -Properties MemberOf | ForEach-Object {$_.MemberOf | Remove-ADGroupMember -Members $_.DistinguishedName -Confirm:$false}
#Ensures every account is disabled here 
get-aduser -Filter * -SearchBase  'OU=Disabled Account, DC=Contoso =Local'| Disable-ADAccount
Advertisement

Published by dakseven

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.