Advertisement
TimSutton

RetiredUsers

Jan 7th, 2014
559
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # RetiredUser.ps1
  2. # Description - script to automate basic retiring of user account.
  3. #
  4. # Created: 06/01/04
  5. # Creator: Tim Sutton
  6.  
  7.  
  8. # This is where we define the parameters.
  9. # It prompts for username and your initials.
  10. Param (
  11. [Parameter(Mandatory=$true)]
  12. [string]$Username,
  13. [Parameter(Mandatory=$true)]
  14. [string]$YourInitials
  15. )
  16.  
  17. # This prompts for the new password for the account.
  18. $newpassword = Read-Host "Type new password:" -AsSecureString
  19.  
  20. # Set Date Variables
  21. $Year = (Get-Date).ToString("yyyy")  
  22. $Month = (Get-Date).ToString("MM")
  23. $Day = (Get-Date).ToString("dd")
  24.  
  25.  
  26. # Clear account details
  27. Get-ADUser $Username | Set-ADUser -Company $null -Department $null -Description $null -Fax $null -HomePhone $null -MobilePhone $null -Office $null -PostalCode $null -State $null -StreetAddress $null -City $null -OfficePhone $null -Title $null -HomePage $null
  28.  
  29. # Remove all group memberships bar Domain Users
  30. # Note: this will cause an error as it won't be able to remove the Domain Users group. This is expected for v1 of the script.
  31. Get-ADPrincipalGroupMembership -Identity $Username | % {Remove-ADPrincipalGroupMembership -Identity $Username -MemberOf $_ -confirm:$false}
  32.  
  33. # Set description
  34. Get-ADUser $Username | Set-ADUser -Description "$Year-$Month-$Day Moved to retired OU - $YourInitials"
  35.  
  36. # Set Password
  37. Get-ADUser $Username |Set-ADAccountPassword -Reset -NewPassword $newpassword
  38.  
  39. # Move to retired ou
  40. Get-ADUser $Username | Move-ADObject -TargetPath 'ou=retired accounts,ou=uk,dc=domain,dc=local'
  41.  
  42.  
  43. Exit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement