My Problem
I need to disable an Active Directory user, but in the same time I seed to add a Description. I found it practical to add in the description the cause of the deactivation.The cmdlet Disable-ADAccount is there, but you cannot pass a description with it.
The Solution
Use Set-ADUser and you can pass what you want.
Exemple
Set-ADUser -Identity username -Description "Your description" -Enabled $false
Extra
You can find all of your disable users in one line. It's possible to use the Search-ADAccount like that : Search-ADAccount -AccountDisabled -UsersOnly. But you don't have the Description.
So I prefer to use this :
Get-ADUser -Filter * -Properties * | where {$_.Enabled -ne "True"}|Select Name, Description
Please feel free to comment.
Have a nice day!
J.
No comments:
Post a Comment