[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Searching for multiple AD user accounts in different AD containers to expire multiple accounts

Posted on 2012-09-06
7
Medium Priority
?
769 Views
Last Modified: 2012-09-06
I have a list of user names from accross multiple OUs that need to be expired at a certain date/time. The problem is when I do a search in AD, I can only search for one user name and not for multiple accounts or from a csv file.

The names of users from accross the different OUs are available in excel and therefore can be exported in alphabetical list etc.
0
Comment
Question by:saif1975
7 Comments
 
LVL 18

Accepted Solution

by:
Sushil Sonawane earned 1600 total points
ID: 38372709
Try AD-manager form manage engine. This product is avail trail base and GUI mode.

This will help you resolve your queries.

Download link :

(http://www.manageengine.com/products/ad-manager/index.html)
0
 
LVL 11

Expert Comment

by:g000se
ID: 38372713
Hi, you can run DSQuery to help with your search.  This will give you a list of users and you can use the pipe command to have the information populate to a file.  http://technet.microsoft.com/en-us/library/cc725702%28v=ws.10%29.aspx
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 38372895
Depending on wether you want to disable or expire the accounts use the quest powershell cmdlets below.

Disable
Import-CSV {filename}.csv | ForEach {get-qaduser $_.name | disable-qaduser}

Expire
Import-CSV {filename}.csv | ForEach {get-qaduser $_.name | set-qaduser -accountexpires 5/5/2012}
0
Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

 

Author Comment

by:saif1975
ID: 38373068
xxdcmast I ran the command but get the following error....


         Welcome to ActiveRoles Management Shell 1.5.1, a part of Quest ActiveRoles Server 6.7

 View ActiveRoles Server product page:     Get-QARSProductInfo
 Visit ActiveRoles Server community site:  Get-QARSCommunity
 List all cmdlets:                         Get-Command
 List only Management Shell cmdlets:       Get-QCommand
 View help:                                Get-Help
 View help about a cmdlet:                 Get-Help <cmdlet-name> or <cmdlet-name> -?
 View full output for a cmd:               <cmd> | Format-List

+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet

Get-QADUser : Cannot validate argument on parameter 'Identity'. The argument is null or empty. Supply an argument that
is not null or empty and then try the command again.
At line:1 char:62
+ Import-CSV c:\temp\aleavers-100912.csv | ForEach {get-qaduser <<<<  $_.name | set-qaduser -accountexpires 10/09/2012}

    + CategoryInfo          : InvalidData: (:) [Get-QADUser], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Quest.ActiveRoles.ArsPowerShellSnapIn.Powershell.Cmdlet
   s.GetUserCmdlet
0
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 38373098
What does your csv look like? It should have a single column called name
0
 

Author Comment

by:saif1975
ID: 38373286
sushi84
AD Manager works!! Thanks for the tip
0
 

Author Closing Comment

by:saif1975
ID: 38373289
Great, it works!
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Let's recap what we learned from yesterday's Skyport Systems webinar.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question