Solved

Powershell: Move all disabled AD accounts to "Ex Employees" OU

Posted on 2013-01-21
5
926 Views
Last Modified: 2013-01-22
Can someone please help. I need to find all disabled user accounts and move them to a specified OU called "Ex Employees" using Powershell.

It would be great if the domain name and OU had a variable so I can use this in multiple environments easily.

THanks!

A.
0
Comment
Question by:Angeal
  • 2
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Joseph Daly
ID: 38802047
This is very simple using the quest cmdlets.

Get-qaduser -disabled | move-qadobject -NewParentContainer {distinguished name of EX employees ou}
0
 

Author Comment

by:Angeal
ID: 38802126
Xxdcmast,

I would prefer to use the builtin AD cmdlets, if possible.

Thanks!

A.
0
 
LVL 40

Accepted Solution

by:
Subsun earned 500 total points
ID: 38802214
Following powershell command Works on Server 2008 R2 domain controllers..
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter {(useraccountcontrol:1.2.840.113556.1.4.803:=2)} | Move-ADObject -targetpath 'OU=Ex Employees,DC=Domain,DC=Com'

Open in new window


Edit : Add -SearchBase if you want to search based on OU's..
Import-Module ActiveDirectory
Get-ADUser -LDAPFilter {(useraccountcontrol:1.2.840.113556.1.4.803:=2)} -SearchBase "OU=Emp,DC=Domain,DC=Com" | Move-ADObject -targetpath 'OU=Ex Employees,DC=Domain,DC=Com'

Open in new window

0
 

Author Comment

by:Angeal
ID: 38805845
Hi Subsun,

Works like a charm! Thanks for your help!.

A.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 38805874
You're Welcome!!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
In-place Upgrading Dirsync to Azure AD Connect
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question