Modify PS script to show OU account was located in

Hey Experts!  I have a script that audits the AD environment for stale user and computer accounts.  The script logs which user and computer accounts are disabled and moved to an "inactive" OU.  Instead of the inactive OU being recorded in the log file, I'd like to replace that part of the script with the OU that the user was in before it was moved.  That's the part I need help with.  Thanks in advance for your help!

Import-Module ActiveDirectory

$logPath = "C:\Tools\Logs\_Stale_Accounts\Stale_PCs_"  #directory to log output
$Date = Get-Date
$TodaysLog = $logPath + $Date.ToString('yyyy_MM-dd_HHmm') + ".log"
$FilterDate = $Date.AddDays(-49)

Function WriteLog($message) {
    $message = (Get-Date).ToShortTimeString() + " - " + $message
    Add-Content -Path $TodaysLog -Value $message
}

$DisabledOU = "OU=Computers,DC=local"

$StaleComputers = Get-ADComputer -SearchBase "OU=Depts,DC=local" -Filter * -Properties DistinguishedName, SAMAccountName, lastLogonTimeStamp |
	Where-Object {[DateTime]::FromFileTime($_.lastLogonTimeStamp) -lt $FilterDate}

If ($StaleComputers) {
	ForEach ($Computer in $StaleComputers) {
		Try {
			Disable-ADAccount -Identity $Computer.DistinguishedName -ErrorAction Stop
			WriteLog -Message "Disabled $($Computer.SAMAccountName)"
		} Catch {
			WriteLog -Message "Failed to disable $($Computer.SAMAccountName): $($_.Exception.Message)"
		}
    
		Try {
			Move-ADObject -Identity $Computer.DistinguishedName -TargetPath $DisabledOU -ErrorAction Stop
			WriteLog -Message "Moved $($Computer.SAMAccountName) to $($DisabledOU)"
		} Catch {
			WriteLog -Message "Failed to move $($Computer.SAMAccountName) to $($DisabledOU): $($_.Exception.Message)"
		}
	}
} Else {
	WriteLog -Message "No stale computer accounts found."
}

Open in new window

LVL 9
samiam41Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

PberSolutions ArchitectCommented:
just change this line
Message "Moved $($Computer.SAMAccountName) to $($DisabledOU)"
to

Message "Moved $($Computer.SAMAccountName) to $($Computer.DistinguishedName)"
1

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PberSolutions ArchitectCommented:
you might need to save it in a variable before the move:

$oldOU = $Computer.DistinguishedName

then

Message "Moved $($Computer.SAMAccountName) to $($oldOU)"
0
PberSolutions ArchitectCommented:
Sorry was using my phone and it sucks for answering questions.


		Try {
             $oldOU = $Computer.DistinguishedName      
			Disable-ADAccount -Identity $Computer.DistinguishedName -ErrorAction Stop
			WriteLog -Message "Disabled $($Computer.SAMAccountName)"
		} Catch {
			WriteLog -Message "Failed to disable $($Computer.SAMAccountName): $($_.Exception.Message)"
		}"Moved $($Computer.SAMAccountName) to $($oldOU)"

Open in new window

0
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

samiam41Author Commented:
Brilliant!!  Thanks for the quick reply!  I didn't need the last part you submitted.

The only change I made to what you posted was substituted "to" to "from".  That way the log entry show * moved from OU path.
0
PberSolutions ArchitectCommented:
OK, no problem  Sorry ended up copying the disable code instead of the move code.
1
samiam41Author Commented:
All good friend.  I appreciate your brilliance and time with this.  Helps me out and I'm learning from experts like you.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Powershell

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.