Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 781
  • Last Modified:

I would like powershell script to give me list of users that are disabled in AD by using a csv file.

I have a csv file with list of samaccountname in it. I would like to import this csv file into a powershell script that queries AD to see if the users in the csv are accounts that are disable or enabled. I need to have the answer sent to another csv file.
0
mrsnetops
Asked:
mrsnetops
  • 7
  • 5
1 Solution
 
Vaseem MohammedCommented:
Use below liner to get details of all users.
Get-ADUser -ResultSetSize $null -Filter * -Properties * | Select DisplayName, SAMAccountName, Enabled | sort Enabled | FT -AutoSize

Open in new window

0
 
Vaseem MohammedCommented:
Your csv file should have a header as "username" or else change the $user.<username> to whatever header you have got.

$userlist = Import-Csv D:\userlist.csv
foreach($user in $userlist){
    Get-ADUser -Identity $user.username -Properties * | Select DisplayName, SAMAccountName, Enabled
    }

Open in new window

0
 
mrsnetopsAuthor Commented:
I have a CSV file  that I have list of samaccountname. I need to know of this list which are disabled and which are not in Active directory. This one liner looks like it  queries AD and gives me all the disabled acounts in AD. I only want to know about the ones in the CSV that I am importing. I am trying to narrow down this list of users in the csv file.

Thanks
Jeff
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
mrsnetopsAuthor Commented:
Sorry, you must have posted again while I was typing last set.  I would like the results sent to another csv file so that I can delete all the diabled accouints from the list.
0
 
Vaseem MohammedCommented:
You can save the csv as xlsx and use filter to get required results

OR

Below script will display the results in PS console as well as output it to a csv file.

$report = @()
$userlist = Import-Csv D:\userlist.csv
foreach($user in $userlist){
    $userdata = Get-ADUser -Identity $user.username -Properties * | Select DisplayName, SAMAccountName, Enabled
    if($userdata.Enabled -eq "False"){
    $status = "Disabled"
    $objA = new-object psobject
    $objA | Add-Member NoteProperty -Name "Display Name" -Value $userdata.DisplayName
    $objA | Add-Member NoteProperty -Name "User Name" -Value $userdata.SAMAccountName
    $objA | Add-Member NoteProperty -Name "Status" -Value $status

    $report = $report += $objA
    }
 }
$report | FT -AutoSize

$report | Export-Csv -Path d:\Disabled-Accounts-Report.csv -NoTypeInformation

Open in new window

0
 
mrsnetopsAuthor Commented:
I ran this and it worked well. But I probably didn't communitcate this in the best way.  csv results gave me all the users that are disabled which is fine but it only gave me the disable ones in the report. I guess I am really more interested in the ones from the my original list that are active enable accounts.  I am trying to narrow down this list and I know most of them are disabled but dont know which ones. So once I get the results I was going to delete the disabled users and I would only have the ones I was really interested in.  

I guess I should be able to change the  the "false" to "True" and then "disabled" to "enabled" but will it put only the enabled users in the result and dump all the disabled users.

sorry it was my mistake.

Thanks
Jeff McCormick
0
 
mrsnetopsAuthor Commented:
I thought this script was working. But I was wrong. I checked the ones that came up as disabled in the csv file and they are atually active working accounts. The are not disabled.
0
 
mrsnetopsAuthor Commented:
I am not trying to remove them or even change the status of these accounts I just wanted to know from the file that I am importing which ones are disabled accounts and which ones are enabled.

The list i have contain 900 accounts I would rather not have to manually go through them all to see if they are active or not.
0
 
mrsnetopsAuthor Commented:
Actually upon further investigation.  This script  that eported Csv file actually contained only active accounts although the report showed them status disabled. I found all the accounts that were disabled were left out of the exported csv file.  Which in the end is what i wanted but just letting you know that the report is displaying incorrectly. I don't think this is what you intended. I am not sure how it worked like it did.

Thanks
Jeff
0
 
SubsunCommented:
Try the following code ad see if you get the expected result..
Import-Module Activedirectory
GC C:\user.txt | % {
$User = $_
	Try {
	Get-ADUser $User -Properties Enabled | Select Samaccountname,Enabled
	}
	catch{
	"" | Select @{n="Samaccountname";e={$User}},@{n="Enabled";e={"Not in AD"}}
	}
} | Export-Csv C:\report.csv -nti

Open in new window

Input file C:\user.txt format..
UserA
UserB
UserC

Open in new window

0
 
Vaseem MohammedCommented:
Ok, found out where it went wrong.
just replace
if($userdata.Enabled -eq "False")

Open in new window

with
if($userdata.Enabled -match "False")

Open in new window

UserListuserlistDisabled AccountsdisabledAcctAlso Note on Line 4:Get-ADUser -Identity $user.username "username" is the header of column which contains SAMAccountName, if your csv file is having something else, please use that heading by replacing the word "username"
0
 
mrsnetopsAuthor Commented:
Will the output report only have disabled accounts or will it show both but the ones that are disable will show status of disabled?
0
 
Vaseem MohammedCommented:
I have provided the results in screenshot above, 1st one is the list of all users and second screenshot is the report generated by running script which gives those accounts that are disabled (Enabled = False)
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 7
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now