<div>
Outstanding. &nbsp;Simple, elegant.
</div>


<div>
<div class="content wysiwyg-content">
Folks -<br />
<br />
I need help crafting a Powershell script to filter through an OU and all Sub-OUs inspecting user accounts. &nbsp;The goal is to end up with all the accounts in the parent OU and below being disabled. &nbsp;However, I only want to modify the account if it is currently enabled. &nbsp;In other words, to keep my audit logs clean, I don't want to run through setting the UserAccountControl flag for every single account to Disabled. &nbsp;That clutters my logs with thousands and thousands of &quot;User Account Management&quot; events. &nbsp;I only want to change accounts that are currently enabled.<br />
<br />
Hopefully this makes sense. &nbsp;The script should target a given OU, all the user accounts in it and in Sub OUs, and should disable only accounts that are currently enabled. &nbsp;Placing the DN of the top-most OU in the code is just fine, it doesn't need to accept parameters off the command line.<br />
<br />
Thanks!
</div>
</div>


Folks -

I need help crafting a Powershell script to filter through an OU and all Sub-OUs inspecting user accounts.  The goal is to end up with all the accounts in the parent OU and below being disabled.  However, I only want to modify the account if it is currently enabled.  In other words, to keep my audit logs clean, I don't want to run through setting the UserAccountControl flag for every single account to Disabled.  That clutters my logs with thousands and thousands of "User Account Management" events.  I only want to change accounts that are currently enabled.

Hopefully this makes sense.  The script should target a given OU, all the user accounts in it and in Sub OUs, and should disable only accounts that are currently enabled.  Placing the DN of the top-most OU in the code is just fine, it doesn't need to accept parameters off the command line.

Thanks!

Need a Powershell script to go through an OU and all Sub-OUs disabling any user accounts NOT ALREADY DISABLED.

Active Directory (AD) is a Microsoft brand for identity-related capabilities. In the on-premises world, Windows Server AD provides a set of identity capabilities and services, and is hugely popular (88% of Fortune 1000 and 95% of enterprises use AD). This topic includes all things Active Directory including DNS, Group Policy, DFS, troubleshooting, ADFS, and all other topics under the Microsoft AD and identity umbrella.

Active Directory

The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.

Microsoft Legacy OS

Windows Server 2008 and Windows Server 2008 R2, based on the Microsoft Vista codebase, is the last 32-bit server operating system released by Microsoft. It has a number of versions, including including Foundation, Standard, Enterprise, Datacenter, Web, HPC Server, Itanium and Storage; new features included server core installation and Hyper-V.