Remove disabled users from Active Directory and Exchange 2010


I would like to know if possible I want a script or a tool which checks Active Directory and if the user is not there or is disabled, it disables their email account in Exchange 2010. Is this possible to do without having to do this manually as there are a lot of accounts.

Aamir AhmadAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

FOXActive Directory/Exchange EngineerCommented:
In your exchange management shell run the below

import-module ActiveDirectory
$User=Get-ADuser -filter {enabled -eq $false} |  Disable-Mailbox $User
Muhammad MullaSystems AdministratorCommented:
I believe this would need to be done via a script or through Powershell. Although you do need to be careful, as resource mailboxes should have their AD accounts disabled as best practise.

I would do this via two separate scripts. One to collect all disabled accounts into a csv. Then a second to import the csv and disable the exchange accounts. This way, you could review the csv and remove any accounts that should have active mailboxes even if the AD account is disabled.
Muhammad MullaSystems AdministratorCommented:
Foxluv's comment has the commands, but you could split it and pipe the first part into and export-csv and then to the second part with a pipe in from import-csv.
Aamir AhmadAuthor Commented:
thanks for this, can you please provide the command line or script for this.
FOXActive Directory/Exchange EngineerCommented:
You will run these scripts from the exchange management shell.

Building upon OfflineGeek's statement I have included 2 small scripts.  
1.  Rename the scripts to .ps1 each as EE doesn't allow powershell attachments
2.  Run getdisabled.ps1 first then go to the .csv file(open it in notepad) and clean it up.  You want to remove the title samaccountname at the top.  You only want useraccounts in your list.
3.   Now run disablemailbox.ps1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.