Alert if user is disabled in AD

Home Forums Scripting PowerShell Alert if user is disabled in AD

Tagged: 

This topic contains 1 reply, has 2 voices, and was last updated by Avatar wullieb1 3 months, 4 weeks ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • CaTBuS
    CaTBuS
    Participant
    #615599

    I manage a small app with about 60 users, all managed internally. Because I don’t get alerts when users become “inactive” (quit, terminated, etc.), I wrote the below script to ensure users are deleted when they leave. The script a list of user id’s from a text file and 3 AD groups then does a compare. If there is a change, meaning one of the users is no longer in one of the three specified groups; an email is sent out and I know to delete them from the system. Here is my current script:

    Since writing this code, I’ve discovered the cmdlet, (Get-ADUser -Identity $user).Enabled

    I’m trying to modify the code above so for each user in the list, it checks if the “Enabled” status is true or false, if false; the users get sent to me via email. I’ve tried a bunch of things but can’t figure it out. I would appreciate any feedback/ideas.

    Avatar
    wullieb1
    Moderator
    #615627

    Something like this should work, i don’t have anything that i can test with at the moment

    foreach ($g in $groups) {

    $member += (Get-ADGroupMember -Identity $g).sAMAccountName

    }

    foreach($m in $member) {

    if ( -Not (Get-ADUser -Identity $m).Enabled) {

    $diff =+ $m

    }

    }

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.