?
Solved

Powershell: Move all disabled AD accounts to "Ex Employees" OU

Posted on 2013-01-21
5
Medium Priority
?
935 Views
Last Modified: 2013-01-22
Can someone please help. I need to find all disabled user accounts and move them to a specified OU called "Ex Employees" using Powershell.

It would be great if the domain name and OU had a variable so I can use this in multiple environments easily.

THanks!

A.
0
Comment
Question by:Angeal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 38802047
This is very simple using the quest cmdlets.

Get-qaduser -disabled | move-qadobject -NewParentContainer {distinguished name of EX employees ou}
0
 

Author Comment

by:Angeal
ID: 38802126
Xxdcmast,

I would prefer to use the builtin AD cmdlets, if possible.

Thanks!

A.
0
 
LVL 40

Accepted Solution

by:
Subsun earned 2000 total points
ID: 38802214
Following powershell command Works on Server 2008 R2 domain controllers..
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter {(useraccountcontrol:1.2.840.113556.1.4.803:=2)} | Move-ADObject -targetpath 'OU=Ex Employees,DC=Domain,DC=Com'

Open in new window


Edit : Add -SearchBase if you want to search based on OU's..
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter {(useraccountcontrol:1.2.840.113556.1.4.803:=2)} -SearchBase "OU=Emp,DC=Domain,DC=Com" | Move-ADObject -targetpath 'OU=Ex Employees,DC=Domain,DC=Com'

Open in new window

0
 

Author Comment

by:Angeal
ID: 38805845
Hi Subsun,

Works like a charm! Thanks for your help!.

A.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 38805874
You're Welcome!!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently we ran in to an issue while running some SQL jobs where we were trying to process the cubes.  We got an error saying failure stating 'NT SERVICE\SQLSERVERAGENT does not have access to Analysis Services. So this is a way to automate that wit…
Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question