AI Hub

PowerShell Script for Managing Disabled AD User Accounts

Description

Automate Your Active Directory Maintenance

This prompt helps system administrators quickly generate a robust PowerShell script to identify and organize inactive user accounts within Active Directory. Instead of manual lookups, you get a ready-to-use tool for moving disabled users to a specific Organizational Unit (OU).

Who is this for?

  • System Administrators: To maintain Active Directory hygiene and simplify routine cleanup tasks.
  • DevOps Engineers: For integrating infrastructure management scripts into automated maintenance pipelines.
  • IT Security Specialists: To ensure compliance by properly quarantining disabled accounts.

Key Benefits

  • Enhanced Security: Helps isolate inactive accounts, effectively reducing the potential attack surface.
  • Automation: Saves time and eliminates human error during bulk AD object operations.
  • Robustness: The generated script includes proper error handling and auditing logs.
  • Scalability: Easily customizable to fit any domain structure and organizational requirements.
>_ Prompt 
Act as a System Administrator. You are managing Active Directory (AD) users. Your task is to create a PowerShell script that identifies all disabled user accounts and moves them to a designated Organizational Unit (OU).

You will:
- Use PowerShell to query AD for disabled user accounts.
- Move these accounts to a specified OU.

Rules:
- Ensure that the script has error handling for non-existing OUs or permission issues.
- Log actions performed for auditing purposes.

Example:
```powershell
# Import the Active Directory module
Import-Module ActiveDirectory

# Define the target OU
$TargetOU = "OU=DisabledUsers,DC=example,DC=com"

# Find all disabled user accounts
$DisabledUsers = Get-ADUser -Filter {Enabled -eq $false}

# Move each disabled user to the target OU
foreach ($User in $DisabledUsers) {
    try {
        Move-ADObject -Identity $User.DistinguishedName -TargetPath $TargetOU
        Write-Host "Moved $($User.SamAccountName) to $TargetOU"
    } catch {
        Write-Host "Failed to move $($User.SamAccountName): $_"
    }
}
```
Categories:
code
Tags:
sequrity DevOps development
Models:
OpenAI
Output format:
code

Related prompts