by dana803 at 2013-01-04 11:05:27
I got help in a previous topic for using PS to disable accounts per a list of samaccountnames in a csv file. Below is one of 3 suggested codes to use to do so. It works great. However, I would like to enhance it to specify the OU as well if possible. Why? Because I just ran this today on a list of about 20 login id’s which I used as the samaccountname in my import file. It turns out that one of them was in a different OU, so a user got disabled that shouldn’t have. The one that did not get disabled had a user name or samaccountid that included the middle initial of the person, so the input file had an incorrect value. We would only be disabling or creating users in one OU at a time as each OU signifies a different client company. So, when provided a list that may have a user id that doesn’t exactly match a person in their OU but matches something in another client’s OU, I’d rather it error out saying it couldn’t find it in the OU I specified.by RichardSiddaway at 2013-01-05 04:44:18
Import-CSV D:\tmp\UsersToDisable.csv |
ForEach-Object {
Disable-ADAccount -Identity $.samaccountname -PassThru}
Thank you very much for any assistance with this.
Dana
Disable-AdAccount doesn’t have a parameter that allows you to specify the OU. You need to use get-aduser to identify the account and pipe that to disable-adaccount.
Get-ADUser -Filter ‘sAMAccountName -eq "jbloggs"’ -SearchBase "OU=Test,DC=Manticore,DC=org" | Disable-ADAccount
Using your code You can hard code the OUImport-CSV D:\tmp\UsersToDisable.csv |
ForEach-Object {
Get-ADUser -Filter "sAMAccountName -eq '$.samaccountname'" -SearchBase "OU=Test,DC=Manticore,DC=org" | Disable-ADAccount
}
or you can add the OU to the CSV fileImport-CSV D:\tmp\UsersToDisable.csv |
ForEach-Object {
Get-ADUser -Filter "sAMAccountName -eq '$.samaccountname'" -SearchBase "$.OU" | Disable-ADAccount
}