Looking for a way to find if the AD disabled accounts have HOME folders in a specific CIFS share

Posted on 2016-08-15
Last Modified: 2016-08-21
Hi Experts,

I need help with the following:

I am working on the migration of a USER home directory CIFS share (very large). No clean up has been done since this was implemented and there are a lot of users that are disabled in AD but they still have their home folders as part of the CIFS share.

I've used PS to find all the AD disabled accounts. I am trying to find a way to see if those accounts have a folder that matches the name in a specific CIFS share (\\user\user\). If they do it would be great if they could be renamed to username_old or create a log somewhere for me to be able to trigger an action.

I currently have all the AD disabled account  information in a CSV file with the format below.

Could anyone let me know if there is a way for me to get this done without having to manually check over 4000 accounts?
--------------------------CSV looks like this
Question by:llarava
LVL 84

Expert Comment

ID: 41756966
So the csv has a header line, and the column is called samAccountName? And if it's a real csv, then you inserted the "--------------" line when posting it here?
This is in test mode and will only show which folders it would rename; remove the -WhatIf argument to run it for real.
It adds _old_ at the beginning of the folder name, so that you'll have all the old ones in a bunch when sorted.
Import-Csv D:\Temp\DisabledAccounts.csv | % {If ($Path = Get-Item "\\<Server>\<Share>\$($_.SamAccountName)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" -WhatIf}}


LVL 65

Expert Comment

ID: 41757341
Hi, here's an old crude script (VBS) that we run to check each folder from a share against a valid AD user.  It will then output the folder size of folders that do not have an associated AD enabled account.

'Set the Path and Name for LogFile for results.
strFileAttach = "C:\Reports\Size_Check.txt"
'Set the email address(s), use semicolon between multiple addresses.
EmailAddress1 = ""
'Open The LogFile to write data into
Const ForWriting = 2
Set FSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = FSO.OpenTextFile(strFileAttach, ForWriting, True)
'Write some headings to the LogFile
MyFile.WriteLine(" ")
MyFile.WriteLine("Check User Folders with Disabled or NO AD User Account")
MyFile.WriteLine(" ")
MyFile.WriteLine(" ")	
'ADD PATHS HERE to Call SubRoutine to evaluate different root Paths
showfolderlist "\\fileserver\sharedfolder"
'Close text file
MyFile.Close
'Call the email function per user
enotify EmailAddress1, strFileAttach

'Cycle through root folders and get data on SUBfolders (the actual user folders)
Sub ShowFolderList(folderspec)
	MyFile.WriteLine("Root Folder Path = " & folderspec & "\")
	MyFile.WriteLine(" ")	
	MyFile.WriteLine(" ")		
	Dim objFSO, objFolder, objSubfolder, colSubfolders, iduser, idlist, Size
	Set objFSO = CreateObject("Scripting.FileSystemObject")
	Set objFolder = objFSO.GetFolder(folderspec)
	Set colSubfolders = objFolder.SubFolders
	For Each objSubfolder In colSubfolders
		'The folder name is used as the samAccountName to look up
		iduser = objSubfolder.Name
		If UserExists(iduser,sDisplayName) Then
			'User does exist, so could do something here if we want to.
			'wscript.echo "AD Account found for " & iduser & "  " & sDisplayName
		Else
			'No enabled AD account for this folder: list it and add its size to the total
			idlist = idlist & iduser & "   - Folder Size (MB) =  " & FormatNumber(((objSubFolder.Size/1024)/1024),2) & vbCrlf
			Size = FormatNumber(((objSubFolder.Size/1024)/1024),2) 'Get running Total Folder Size
			Result = Round(Result,2) + Round(Size,2)
		End If
	Next

	'Write the list of folders found, then the total
	MyFile.WriteLine(idlist)
	MyFile.WriteLine("Total Data (MB) = " & result)
	MyFile.WriteLine(" ")
	MyFile.WriteLine(" ")	
	size = "0"
End Sub

Function UserExists(sUser,sDisplayName)
  Dim oConnection, oCommand, oRoot, sDNSDomain, sQuery, sFilter, oResults
  UserExists = False
  sDisplayName = sUser
  On Error Resume Next
  ' Use ADO to search the domain for all users.
  Set oConnection = CreateObject("ADODB.Connection")
  Set oCommand = CreateObject("ADODB.Command")
  oConnection.Provider = "ADsDSOOBject"
  oConnection.Open "Active Directory Provider"
  Set oCommand.ActiveConnection = oConnection
  ' Determine the DNS domain from the RootDSE object.
  Set oRoot = GetObject("LDAP://RootDSE")
  sDNSDomain = oRoot.Get("DefaultNamingContext")
    sFilter = "(&(ObjectClass=user)(ObjectCategory=person)(samAccountName=" & sUser & ")(!(useraccountcontrol:1.2.840.113556.1.4.803:=2)))"
  sQuery = "<LDAP://" & sDNSDomain & ">;" & sFilter & ";displayName;subtree"
  oCommand.CommandText = sQuery
  oCommand.Properties("Page Size") = 100
  oCommand.Properties("Timeout") = 30
  oCommand.Properties("Cache Results") = False
  Set oResults = oCommand.Execute
  Do Until oResults.EOF
    if oResults.Fields("displayName") <> "" then
      sDisplayName = oResults.Fields("displayName")
      UserExists = True
    End if
    'Advance to the next record so the loop can reach EOF
    oResults.MoveNext
  Loop
  On Error Goto 0
End Function

'Code to send email message with attachment
Function enotify(EmailAddress, strFileAttach)
Set objMessage = CreateObject("CDO.Message") 
objMessage.Subject = "User Folders with Disabled or NO AD User Account"
objMessage.From = "" 
objMessage.To = EmailAddress
objMessage.TextBody = "Report showing User Folders with Disabled or NO AD User Account."
objMessage.AddAttachment strFileAttach
'==This section provides the configuration information for the remote SMTP server.
'==Normally you will only change the server name or IP.
'sendusing = 2 sends through a remote SMTP server over the network
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 
'Name or IP of Remote SMTP Server
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "x.x.x.x"
'Server port (typically 25)
objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 
'Apply the configuration fields set above
objMessage.Configuration.Fields.Update
'==End remote SMTP server configuration section==
'Send the report
objMessage.Send
End Function
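
The same folder-to-account check as the VBS above, as an added PowerShell example that is not part of the original comment. The function name Get-OrphanedHomeFolder is hypothetical; the code assumes a domain-joined machine and escapes each folder name before it goes into the LDAP filter.

```powershell
# Added example (not from the thread). Get-OrphanedHomeFolder is a hypothetical name.
function Get-OrphanedHomeFolder {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$ShareRoot)   # e.g. \\fileserver\sharedfolder

    foreach ($dir in Get-ChildItem -LiteralPath $ShareRoot -Directory) {
        # Escape LDAP filter metacharacters (RFC 4515) so a folder name containing
        # "(" or ")" is looked up literally instead of altering the query.
        $escaped = [regex]::Replace($dir.Name, '[\\*()\x00]',
            { param($m) '\{0:x2}' -f [int][char]$m.Value })

        $searcher = [adsisearcher]"(&(objectCategory=person)(objectClass=user)(sAMAccountName=$escaped))"
        [void]$searcher.PropertiesToLoad.Add('userAccountControl')
        $hit = $searcher.FindOne()

        # Bit 2 of userAccountControl is ACCOUNTDISABLE (the flag the VBS filter tests).
        $state = if (-not $hit) { 'NoAccount' } elseif ([int]$hit.Properties['useraccountcontrol'][0] -band 2) { 'Disabled' } else { 'Enabled' }
        if ($state -eq 'Enabled') { continue }

        # Sum file sizes; unreadable subfolders are skipped rather than aborting the run.
        $bytes = (Get-ChildItem -LiteralPath $dir.FullName -Recurse -File -Force -ErrorAction SilentlyContinue |
                  Measure-Object -Property Length -Sum).Sum

        [pscustomobject]@{
            Folder = $dir.FullName
            State  = $state
            SizeMB = [math]::Round(($bytes / 1MB), 2)
        }
    }
}

# Report folders whose owner is missing or disabled, largest first.
Get-OrphanedHomeFolder -ShareRoot '\\fileserver\sharedfolder' | Sort-Object SizeMB -Descending
```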



Author Comment

ID: 41758753

So the csv has a header line, and the column is called samAccountName? Yes, I have removed it. Basically all the CSV has at this point is just usernames:


I've tried the following:

Import-Csv C:\Temp\DisabledAccounts.csv | % {If ($Path = Get-Item "\\share\user\$($_.SamAccountName)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" -WhatIf}}

No errors but I don't get any output back...

What am I missing?

Author Comment

ID: 41758757
Additionally I've tested the following

Import-Csv C:\Temp\DisabledAccounts.csv | % {If ($Path = Get-Item "\\share\user\$($_.SamAccountName)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" }}

errors but the home user folder is not being renamed.
LVL 84

Accepted Solution

oBdA earned 500 total points
ID: 41758885
Don't remove the header line. Without the header line, Import-Csv won't know the column name(s). I was only wondering about the "-----" line - this shouldn't be in the file.
If you'd rather work with a file only containing user names, the script would look like this (the "$($_)" will be replaced with the user name from the file):
Get-Content D:\Temp\DisabledAccounts.txt | % {If ($Path = Get-Item "\\<Server>\<Share>\$($_)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" -WhatIf}} 
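
A fuller version of the rename discussed in this thread, as an added example that is not part of the accepted answer. The function name Rename-DisabledHomeFolder, the report columns and the report path are assumptions; it checks for the header line, treats names literally (no wildcard matching) and writes a log of what was or would be renamed.

```powershell
# Added example (not from the thread). Rename-DisabledHomeFolder is a hypothetical name.
function Rename-DisabledHomeFolder {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$CsvPath,    # CSV that keeps its SamAccountName header
        [Parameter(Mandatory)][string]$ShareRoot,  # e.g. \\<Server>\<Share>
        [Parameter(Mandatory)][string]$LogPath     # report CSV, also written during -WhatIf
    )
    $rows = @(Import-Csv -LiteralPath $CsvPath)
    # With the header removed, Import-Csv uses the first user name as the column name.
    if ($rows.Count -eq 0 -or $rows[0].PSObject.Properties.Name -notcontains 'SamAccountName') {
        throw "No rows with a 'SamAccountName' column in $CsvPath; keep the header line."
    }
    $entry = { param($n, $s, $p) [pscustomobject]@{ SamAccountName = $n; Status = $s; Path = $p } }
    $report = foreach ($row in $rows) {
        $name = "$($row.SamAccountName)".Trim()
        # Refuse empty names, '.'/'..' and wildcard or path-separator characters, so a
        # bad CSV line cannot match or rename anything other than its own folder.
        if (-not $name -or $name -match '^\.+$' -or $name -match '[\\/\[\]:;|=,+*?<>"]') {
            & $entry $name 'SkippedInvalidName' ''
            continue
        }
        $path    = Join-Path $ShareRoot $name
        $newName = "_Old_$name"
        if (-not (Test-Path -LiteralPath $path -PathType Container)) {
            & $entry $name 'NoFolder' $path
        } elseif (Test-Path -LiteralPath (Join-Path $ShareRoot $newName)) {
            & $entry $name 'TargetExists' $path
        } elseif ($PSCmdlet.ShouldProcess($path, "Rename to $newName")) {
            try {
                Rename-Item -LiteralPath $path -NewName $newName -ErrorAction Stop
                & $entry $name 'Renamed' $path
            } catch {
                & $entry $name "Failed: $($_.Exception.Message)" $path
            }
        } else {
            & $entry $name 'WouldRename' $path
        }
    }
    # -WhatIf:$false so the report is still written during a dry run.
    $report | Export-Csv -LiteralPath $LogPath -NoTypeInformation -WhatIf:$false
    $report
}

# Dry run first; remove -WhatIf to rename for real.
Rename-DisabledHomeFolder -CsvPath 'D:\Temp\DisabledAccounts.csv' -ShareRoot '\\<Server>\<Share>' -LogPath 'D:\Temp\HomeFolderReport.csv' -WhatIf
```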



Question has a verified solution.
