Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # RetiredUser.ps1
- # Description - script to automate basic retiring of user account.
- #
- # Created: 06/01/04
- # Creator: Tim Sutton
- # This is where we define the parameters.
- # It prompts for username and your initials.
- Param (
- [Parameter(Mandatory=$true)]
- [string]$Username,
- [Parameter(Mandatory=$true)]
- [string]$YourInitials
- )
- # This prompts for the new password for the account.
- $newpassword = Read-Host "Type new password:" -AsSecureString
- # Set Date Variables
- $Year = (Get-Date).ToString("yyyy")
- $Month = (Get-Date).ToString("MM")
- $Day = (Get-Date).ToString("dd")
- # Clear account details
- Get-ADUser $Username | Set-ADUser -Company $null -Department $null -Description $null -Fax $null -HomePhone $null -MobilePhone $null -Office $null -PostalCode $null -State $null -StreetAddress $null -City $null -OfficePhone $null -Title $null -HomePage $null
- # Remove all group memberships bar Domain Users
- # Note: this will cause an error as it won't be able to remove the Domain Users group. This is expected for v1 of the script.
- Get-ADPrincipalGroupMembership -Identity $Username | % {Remove-ADPrincipalGroupMembership -Identity $Username -MemberOf $_ -confirm:$false}
- # Set description
- Get-ADUser $Username | Set-ADUser -Description "$Year-$Month-$Day Moved to retired OU - $YourInitials"
- # Set Password
- Get-ADUser $Username |Set-ADAccountPassword -Reset -NewPassword $newpassword
- # Move to retired ou
- Get-ADUser $Username | Move-ADObject -TargetPath 'ou=retired accounts,ou=uk,dc=domain,dc=local'
- Exit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement