Solved

Remove Disabled Users from an AD security group

Posted on 2011-03-16
4
1,186 Views
Last Modified: 2012-05-11
Hello...

Is there a way to remove ONLY disabled users from an AD security group via VB script?

TY,
Quan
0
Comment
Question by:qvn7
  • 2
4 Comments
 
LVL 65

Expert Comment

by:RobSampson
ID: 35153895
Hi, this script will remove disabled accounts from the specified Active Directory group.

Regards,

Rob.
Const ADS_UF_ACCOUNTDISABLE = 2
Set objGroup = GetObject("LDAP://CN=TestUsers,OU=TestOU,DC=Domain,DC=Com")
For Each objUser In objGroup.Members
	If objUser.Class = "user" Then
		intUAC = objUser.userAccountControl
		If intUAC And ADS_UF_ACCOUNTDISABLE Then
			WScript.Echo Mid(objUser.Name, 4) & " is disabled"
			objGroup.Remove objUser.AdsPath
			WScript.Echo Mid(objUser.Name, 4) & " was removed from " & Mid(objGroup.Name, 4)
		Else
			WScript.Echo Mid(objUser.Name, 4) & " is not disabled"
		End If
	End If
Next
MsgBox "Done"

Open in new window

0
 

Author Comment

by:qvn7
ID: 35156818
Thanks to those who provided great suggestions/solutions.  Appreciate it very much!!!
0
 
LVL 65

Accepted Solution

by:
RobSampson earned 500 total points
ID: 35162338
Did it work well enough for you to close the question?  I noticed you posted another question, I'll check it out.

Regards,

Rob.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
GPO policy question 4 35
how to Classify of email (pdf attachments) 7 36
User account lockout - Server 2012R2 7 30
WMI - Issue Server 2012 R2 1 8
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question