Set ad account expiration to none

Hello to all,

Hope you can help me.

I need to run powershell script on Active directory server and change users that have an expiration date to none.
I have a list of all users in csv file.

I found the command and it is working good, but don’t know how to do it to for multiple users.

Clear-ADAccountExpiration

Thank you
Amir :slight_smile:

Amir,
before changing a productive Active Directory I would recommend for you to start by learning the basics of Powershell. A command you found with google is not a good base to manage a productive environment even though it would be the right command for what you want to do.

Here you can start learning PowerShell for free: Microsoft Virtual Academy - Getting Started with Microsoft PowerShell.
In this process you would learn as well how to do repetitive tasks.
With a basic understanding of Powershell you can even find some already written scripts and adapt them for your needs.
Here you can find some: Powershell Gallery or TechNet Gallery - resources for IT professionals

If you then have a specific problem with some code you wrote or with a cmdlet you don’t understand you can come back here and we will try to answer your questions. But I think it is beyond the scope of this forum to write a script for you or to teach you one cmdlet at a time how to write scripts.

Good luck and have a lot of fun.

Thank you for taking the time to answer.

I do have a basic knowledge of Powershell commands, but having difficulties composing scripts from scratch.

I did try to find a similar script in the examples and other places, but didn’t find exactly what i needed.

Thanks again.

Amir

I do have a basic knowledge of Powershell commands, but having difficulties composing scripts from scratch.
For me these two statements contradict each other.
I did try to find a similar script in the examples and other places, ...
What did you search for and where? I posted 2 links in my first answer where you can find scripts.
but didn't find exactly what i needed
That's ne normal case I think. You always will have to adapt scripts found in the internet for your specific needs and environment. What you ask for is actually a one liner. And in its simplest form even a short one. You just need Import-CSV and Foreach-Object.

There is no need to do this from scratch.
Windows will write the code for you, you just have to use the tool that does this.

You could use the ADAC to click through this type of config and the ADAC will write this code for you, which you can save and tweak to your needs for future use cases. See:

Introduction to Active Directory Administrative Center Enhancements
(Level 100)
docs.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/adac/introduction-to-active-directory-administrative-center-enhancements--level-100-

Use Active Directory Administrative Center to Create PowerShell Commands in
Windows Server 2012
Use Active Directory Administrative Center to Create PowerShell Commands in Windows Server 2012 | Petri IT Knowledgebase

Step-By-Step: Utilizing PowerShell History Viewer in Windows Server 2012 R2
blogs.technet.microsoft.com/canitpro/2015/03/04/step-by-step-utilizing-powershell-history-viewer-in-windows-server-2012-r2

You can use below code to identify the users

Import-Csv c:\users.csv | ForEach
{
Clear-ADAccountExpiration -identity $_.sAMAccountName
}