Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Looking for a way to find if the AD disabled accounts have HOME folders in a specific CIFS share

Posted on 2016-08-15
Medium Priority
Last Modified: 2016-08-21
Hi Experts,

I need help with the following:

I am working on the migration of a USER home directory CIFS share (very large). No clean up has been done since this was implemented and there are a lot of users that are disabled in AD but they still have their home folders as part of the CIFS share.

I've used PS to find all the AD disabled accounts. I am trying to find a way to see if those accounts have a folder that matches the name in a specific CIFS share (\\user\user\). If they do it would be great if they could be renamed to username_old or create a log somewhere for me to be able to trigger an action.

I currently have all the AD disabled account  information in a CSV file with the format below.

Could anyone let me know if there is a way for me to get this done without having to manually check over 4000 accounts?
--------------------------CSV looks like this
Question by:llarava
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 85

Expert Comment

ID: 41756966
So the csv has a header line, and the column is called samAccountName? And if it's a real csv, then you inserted the "--------------" line when posting it here?
This is in test mode and will only show which folders it would rename; remove the -WhatIf argument to run it for real.
It adds _old_ at the beginning of the folder name, so that you'll have all the old ones in a bunch when sorted.
Import-Csv D:\Temp\DisabledAccounts.csv | % {If ($Path = Get-Item "\\<Server>\<Share>\$($_.SamAccountName)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" -WhatIf}}

Open in new window

LVL 65

Expert Comment

ID: 41757341
Hi, here's an old crude script (VBS) that we run to check each folder from a share against a valid AD user.  It will then output the folder size of folder that does not have an associated AD enabled account.

'Set the Path and Name for LogFile for results.
strFileAttach = "C:\Reports\Size_Check.txt"
'Set the email address(s), use semicolon between multiple addresses.
EmailAddress1 = ""
'Open The LogFile to write data into
Const ForWriting = 2
Set FSO = CreateObject("Scripting.FileSystemObject")
Set MyFile = FSO.OpenTextFile(strFileAttach, ForWriting, True)
'Write some headings to the LogFile
MyFile.WriteLine(" ")
MyFile.WriteLine("Check User Folders with Disabled or NO AD User Account")
MyFile.WriteLine(" ")
MyFile.WriteLine(" ")	
'ADD PATHS HERE to Call SubRoutine to evaluate different root Paths
showfolderlist "\\fileserver\sharedfolder"
'Close text file
'Call the email function per user
enotify EmailAddress1, strFileAttach

'Cycle through root folders and get data on SUBfolders (the actual user folders)
Sub ShowFolderList(folderspec)
	MyFile.WriteLine("Root Folder Path = " & folderspec & "\")
	MyFile.WriteLine(" ")	
	MyFile.WriteLine(" ")		
	Dim objFSO, objFolder, objSubfolder, colSubfolders, iduser, idlist, Size
	Set objFSO = CreateObject("Scripting.FileSystemObject")
	Set objFolder = objFSO.GetFolder(folderspec)
	Set colSubfolders = objFolder.SubFolders
	For Each objSubfolder In colSubfolders
    		iduser =
		If UserExists(iduser,sDisplayName) Then
			'User does exist, so could do something here if we want to.		
			'wscript.echo "AD Account found for " & iduser & "  " & sDisplayName
  			idlist = idlist & iduser & "   - Folder Size (MB) =  " & FormatNumber(((objSubFolder.Size/1024)/1024),2) & vbCrlf
  			Size = FormatNumber(((objSubFolder.Size/1024)/1024),2) 'Get running Total Folder Size
  			Result = Round(Result,2) + Round(Size,2)
  		End If

	MyFile.WriteLine("Total Data (MB) = " & result)
	MyFile.WriteLine(" ")
	MyFile.WriteLine(" ")	
	size = "0"
End Sub

Function UserExists(sUser,sDisplayName)
  Dim oConnection, oCommand, oRoot, sDNSDomain, sQuery, sFilter, oResults
  UserExists = False
  sDisplayName = sUser
  On Error Resume Next
  ' Use ADO to search the domain for all users.
  Set oConnection = CreateObject("ADODB.Connection")
  Set oCommand = CreateObject("ADODB.Command")
  oConnection.Provider = "ADsDSOOBject"
  oConnection.Open "Active Directory Provider"
  Set oCommand.ActiveConnection = oConnection
  ' Determine the DNS domain from the RootDSE object.
  Set oRoot = GetObject("LDAP://RootDSE")
  sDNSDomain = oRoot.Get("DefaultNamingContext")
    sFilter = "(&(ObjectClass=user)(ObjectCategory=person)(samAccountName=" & sUser & ")(!(useraccountcontrol:1.2.840.113556.1.4.803:=2)))"
  sQuery = "<LDAP://" & sDNSDomain & ">;" & sFilter & ";displayName;subtree"
  oCommand.CommandText = sQuery
  oCommand.Properties("Page Size") = 100
  oCommand.Properties("Timeout") = 30
  oCommand.Properties("Cache Results") = False
  Set oResults = oCommand.Execute
  Do Until oResults.EOF
    if oResults.Fields("displayName") <> "" then
      sDisplayName = oResults.Fields("displayName")
      UserExists = True
    End if
  On Error Goto 0
End Function

'Code to send email message with attachement
Function enotify(EmailAddress, strFileAttach)
Set objMessage = CreateObject("CDO.Message") 
objMessage.Subject = "User Folders with Disabled or NO AD User Account"
objMessage.From = "" 
objMessage.To = EmailAddress
objMessage.TextBody = "Report showing User Folders with Disabled or NO AD User Account."
objMessage.AddAttachment strFileAttach
'==This section provides the configuration information for the remote SMTP server.
'==Normally you will only change the server name or IP.
objMessage.Configuration.Fields.Item _
("") = 2 
'Name or IP of Remote SMTP Server
objMessage.Configuration.Fields.Item _
("") = "x.x.x.x"
'Server port (typically 25)
objMessage.Configuration.Fields.Item _
("") = 25 
'==End remote SMTP server configuration section==
End Function

Open in new window


Author Comment

ID: 41758753

So the csv has a header line, and the column is called samAccountName? yes, I have remove it. Basically all the CSV has at this point is just usernames:


I've tried the following:

Import-Csv C:\Temp\DisabledAccounts.csv | % {If ($Path = Get-Item "\\share\user\$($_.SamAccountNa
me)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" -WhatIf}}

No errors but I don't get any output back...

What am I missing?

Author Comment

ID: 41758757
Additionally I've tested the following

Import-Csv C:\Temp\DisabledAccounts.csv | % {If ($Path = Get-Item "\\share\user\$($_.SamAccountNa
me)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" } errors but the home user folder it's not being renamed.
LVL 85

Accepted Solution

oBdA earned 2000 total points
ID: 41758885
Don't remove the header line. Without the header line, Import-Csv won't know the column name(s). I was only wondering about the "-----" line - this shouldn't be in the file.
If you'd rather work with a file only containing user names, the script would look like this (the "$($_)" will be replaced with the user name from the file):
Get-Content D:\Temp\DisabledAccounts.txt | % {If ($Path = Get-Item "\\<Server>\<Share>\$($_)" -ea si) {Rename-Item -Path $Path.FullName -NewName "_Old_$($Path.Name)" -WhatIf}} 

Open in new window


Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question