nav2567
asked on
script to check if a list of users' AD account is disabled.
Hello,
I have a text file which contains a user list and would like to create a script to check if their AD account is disabled and echo the names if they are.
What command should I use in my script?
Thanks.
I have a text file which contains a user list and would like to create a script to check if their AD account is disabled and echo the names if they are.
What command should I use in my script?
Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks.
Would you modify the script to output the disabled account names into c:\disabled-users.txt?
Also, what extension should I use to save this scipt so it will be opened by ActiveRoles Management Shell automatically when I double click on it?
Would you modify the script to output the disabled account names into c:\disabled-users.txt?
Also, what extension should I use to save this scipt so it will be opened by ActiveRoles Management Shell automatically when I double click on it?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
$UserCol = Get-Content C:\users.txt
$DisabledUsers = @()
$UserCol | ForEach-Object {
$user = Get-QADUser -SearchRoot "dc=yourdomain,dc=com" -Identity $_ -DontUseDefaultIncludedProperties -IncludedProperties AccountIsDisabled
if($user.AccountIsDisabled){
Write-Output "User account: $($user.NTAccountName) is disabled"
$DisabledUsers += $_.NTAccountName
}
}
$DisabledUsers | Set-Content C:\DisabledUsers.txt
You'll have to save the script with a ".ps1" extension. So say you save the script in C:\scripts, open up a shell window, cd to C:\scripts, and type the name of the script "myscript.ps1"
ASKER
I tried the first PS1 script yesterday and it works. Thanks.
I also tried the other "simple line" but it did not work.
I would like to look into one more option which is to use the Windows native command DSQUERY USER.
Anyone knows how to do this?
I also tried the other "simple line" but it did not work.
I would like to look into one more option which is to use the Windows native command DSQUERY USER.
Anyone knows how to do this?
hi check out this scripts written by Richard L Mueller
http://www.rlmueller.net/Programs/IsUserLocked.txt
Hope it works for you.
http://www.rlmueller.net/Programs/IsUserLocked.txt
Hope it works for you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Would you help me to create a script to read my USERS.TXT and list out all the "DISABLED" users?