Remove Disabled Users From a Managers Direct Report

Welcome Forums General PowerShell Q&A Remove Disabled Users From a Managers Direct Report

Viewing 3 reply threads
  • Author
    Posts
    • #265460
      Participant
      Topics: 1
      Replies: 1
      Points: 14
      Rank: Member

      When we disable users in our AD, they are moved to an Archive OU. When you view their managers AD properties, the disabled users still appear and there is no indication that the users is disabled.

      Is there a way to have Powershell go and find these situations? Either find a manager who that has users that are disabled, or to find a disabled user whose manager is enabled?

      If some functions exists, I’m hoping to run this every month to keep the AD a little cleaner.

    • #265826
      Participant
      Topics: 0
      Replies: 5
      Points: 9
      Rank: Member

      Not sure if the below script help your requirement.

      ### This will fetch the disabled user

      $b=get-aduser -filter {(Enabled -eq $False)} -Properties * |select Name,@{n=”Manager”;e={(get-aduser $_.manager).name}}
      $c=$b.manager
      foreach($d in $c){

      #### This will show the Manager who is enabled if the user is disabled
      get-aduser -Identity $d -Properties Enabled|where {$_.Enabled -eq $true}|select Name,Enabled

      }

      If this helps dive into other scripts in my website.

    • #266069
      Participant
      Topics: 16
      Replies: 1842
      Points: 3,514
      Helping Hand
      Rank: Community Hero

      What is generating the report? Is there an LDAP filter? The simplest solution would be to filter out the Archive OU from the reporting. Next, why not remove the managers from all disabled accounts and going forward remove the manager when disabling?

    • #266255
      Participant
      Topics: 1
      Replies: 1
      Points: 14
      Rank: Member

      I will try the script and see if that will work. If it doesn’t net what we want, we will just manually remove the managers from all disabled users and going forward remove the manager as part of the termination process.

       

      If the script does work I will report back.

Viewing 3 reply threads
  • You must be logged in to reply to this topic.