Meer-Web
/
lock_inactive_users
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lock_inactive_users/lock_inactive_accounts.ps1

21 lines
890 B
PowerShell
Raw Permalink Blame History

## Author: Frank Bischof (info@meer-web.nl)
## Version: 1.0
## Disable account if not used for X days
$90Days = (get-date).adddays(-90)
$users = Get-ADUser -properties * -filter {((lastlogondate -notlike "*" -OR lastlogondate -le $90Days) -AND (enabled -eq $True))} | Where-Object CanonicalName -Like "*NamedAccounts*" | select-object SAMaccountname
foreach ($user in $users)
{
write-host Disabling account $user.SAMaccountname
Disable-ADAccount -Identity $user.SAMaccountname
}
## Delete account if disabled for X months.
$6Months = (get-date).AddMonths(-6)
$users = Get-ADUser -properties * -filter {((modifyTimeStamp -le $6Months) -AND (enabled -eq $False))} | Where-Object CanonicalName -Like "*NamedAccounts*" | select-object SAMaccountname
foreach ($user in $users)
{
write-host Deleting account $user.SAMaccountname
Remove-ADUser -Identity $user.SAMaccountname
}
Reference in New Issue View Git Blame Copy Permalink