Managing user accounts efficiently is a critical aspect of maintaining an organized and secure Active Directory environment. In this blog post, we’ll delve into a PowerShell script designed to streamline the process of exporting information about all disabled users from Active Directory.
Active Directory serves as the backbone for user and resource management in Windows environments. PowerShell, with its scripting capabilities, allows administrators to automate repetitive tasks, improving efficiency and accuracy.
Our objective is to create a PowerShell script that retrieves and exports details about all disabled users in Active Directory to a CSV file. This script can be a valuable tool for administrators seeking to maintain an up-to-date record of disabled accounts.
Script Implementation:
Let’s walk through the steps of the PowerShell script:
# Import the Active Directory module
Import-Module ActiveDirectory
# Specify the output file path
$outputFilePath = "C:\ad_script\DisabledUsers.csv"
# Get all disabled users and export to CSV
Get-ADUser -Filter {Enabled -eq $false} -Properties * | Select-Object SamAccountName, DisplayName, GivenName, Surname, UserPrincipalName, Enabled | Export-Csv -Path $outputFilePath -NoTypeInformation
Write-Host "Disabled users exported to $outputFilePath"
This script follows a similar structure to the one for exporting enabled users. It does the following:
1. Imports the Active Directory module.
2. Specifies the output file path where the CSV file will be saved.
3. Uses Get-ADUser to retrieve all disabled users with a filter for the "Enabled" property set to $false.
4. Selects specific user properties.
5. Exports the selected user information to a CSV file using Export-Csv.
6. Remember to replace "C:\Path\To\Export\DisabledUsers.csv" with the actual path where you want to save the CSV file. Save the script with a .ps1 extension and execute it in a PowerShell environment with appropriate permissions to query Active Directory.
This PowerShell script offers a straightforward solution for exporting information about disabled users from Active Directory. By regularly running this script, administrators can maintain an organized record of disabled accounts, aiding in security and compliance efforts.