PowerShell Disable-ADAccount
So when disabling AD Objects I take alot of care and consideration on verifying the changes I am going to implement.
​
I would suggest running 3 sessions / scripts to pull and review all data before making a large change. to AD or anyhting for that matter.
#Step 1)
#List of First & Last Names from HR Dept.
# CSV Headers: Firstname,LastName
$HR_Info = Import-csv C:\temp\Users.csv
#Loop Through Accounts to be Disabled and Review -Results Are Exported to File
Foreach($User in $HR_Info){
Get-ADuser -Properties * -Filter * | Where{($_.GivenName -like`
"$($User.Firstname)") -and ($_.Surname -like "$($User.Lastname)")}`
| Select -ExpandProperty SamAccountName | Tee-Object C:\Temp\Disable_Accounts.txt -Append
}
#Step 2)
#Import List and Disaply to Screen
$Disable_Me = Get-content C:\temp\Disable_Accounts.txt
Foreach($Account in $Disable_Me){
Get-aduser $Account | select Givenname, Surname, Samaccountname, Enabled
}
#Step 3)
#Now if totally confident Disable Accounts in File
$Disable_Me = Get-content C:\temp\Disable_Accounts.txt
Foreach($Account in $Disable_Me){Get-aduser $Account | Disable-ADAccount}
Foreach($Account in $Disable_Me){
Get-aduser $Account | select Givenname, Surname, Samaccountname, enabled `
| Tee-Object C:\temp\Accounts-Disabled.txt -Append
}
remove-item C:\temp\Disable_Accounts.txt