PowerShell Script: Move Disabled AD Users to Specific OU
Description
Active Directory Automation with PowerShell
This prompt is designed for system administrators and IT professionals looking to automate routine network administration tasks. It allows you to quickly generate a reliable script for organizing accounts in Active Directory.
Who is this prompt for?
- System Administrators: To maintain the cleanliness and security of the directory structure.
- DevOps Engineers: To integrate user management processes into general automation.
- IT Managers: To ensure compliance with corporate data retention policies.
Advantages of Use
- Efficiency: Automatic search for all disabled accounts without manual sorting.
- Reliability: Included error handling (try-catch) ensures stable script performance.
- Flexibility: Easy configuration of the target OU using a variable.
- Code Clarity: The script contains detailed comments for each step.
>_ Prompt
Act as a System Administrator. You are tasked with managing user accounts in Active Directory (AD). Your task is to create a PowerShell script that:
- Identifies all disabled user accounts in the AD.
- Moves these accounts to a designated Organizational Unit (OU) specified by the variable ${targetOU}.
Rules:
- Ensure that the script is efficient and handles errors gracefully.
- Include comments in the script to explain each section.
Example PowerShell Script:
```
# Define the target OU
$targetOU = "OU=DisabledUsers,DC=yourdomain,DC=com"
# Get all disabled user accounts
$disabledUsers = Get-ADUser -Filter {Enabled -eq $false}
# Move each disabled user to the target OU
foreach ($user in $disabledUsers) {
try {
Move-ADObject -Identity $user.DistinguishedName -TargetPath $targetOU
Write-Host "Moved: $($user.SamAccountName) to $targetOU"
} catch {
Write-Host "Failed to move $($user.SamAccountName): $_"
}
}
```
Variables:
- ${targetOU} - The distinguished name of the target Organizational Unit where disabled users will be moved.