Removing Disabled users from AD

On March 17, 2018

Removing Disabled users from AD

Here, I am assuming that you have separate OU’s for Application specific accounts. As, some of the applications will create a disabled user account to function (Ex. Exchange creates a disabled user accounts for SystemMailbox)

Its always best to use the ‘SearchBase’ while we query on bulk accounts. To get the list of Disabled users on the OU “Contoso Users”, Run the below command. You may need this list for future reference.

Get-ADUser -Filter {Enabled -eq 'False'}  -SearchBase "OU=Contoso Users,OU=Contoso,DC=Contoso,DC=com" | Select DistinguishedName

Alternatively, you can export this list to a .Csv file using the below Cmdlet

Get-ADUser -Filter {Enabled -eq 'False'}  -Properties Name -SearchBase "OU=Contoso Users,OU=Contoso,DC=Contoso,DC=com" | Select Name,DistinguishedName | Export-Csv “./DisabledUsers.Csv”

This will create a .Csv file in the current directory of the PowerShell and will be similar as below Snip

To remove Disabled accounts, Run the below Cmdlets in an Elevated PowerShell.

Once you run the Cmdlet, you will be asked to confirm for deletion. Say Yes to All. It will delete all the AD Disabled user accounts.

Active Directory, PowerShell, Remove Disabled accounts, Remove user account

Removing Disabled users from AD

Removing Disabled users from AD

You May Also Like

[How To]Disk Cleanup using PowerShell

[How To]Use Event Logs in PowerShell Scripts

[How To] Create EventLog using PowerShell

Leave a Comment Cancel reply