30 How to disable an AD user, update the notes and delete the entire “MemberOf” list?

In the below PowerShell script:-

  1. Name and save the script as “Set-ADAccountDisableNDelGrps.PS1”.
  2. Run the script from the PowerShell console and provide the inputs as per the prompt.
  3. By default, the output is displayed in the PowerShell console.
In case of any hurdle, please Contact Us

 

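Import-Module ActiveDirectory

# Collect the operator's input. All five values are typed free text and are
# used below to select the account, build the target DN and write the notes.
$domain1 = Read-Host 'Enter the domain name (E.g. InfotechFusion)'
$domain2 = Read-Host 'Enter the after dot info (E.g. com)'
$ou      = Read-Host 'Enter the OU in which disabled user needs to move (E.g. Users - Disabled)'
$usr     = Read-Host 'Enter Username'
$task    = Read-Host "Enter the ServiceNow Task ID with notes [TASK0xx00xx (Disabled)]"

# The task reference is the only record this script leaves on the account of
# why it was disabled, so refuse to continue without one.
if ([string]::IsNullOrWhiteSpace($task)) {
    throw 'A ServiceNow task ID is required before the account is changed.'
}

# The prompts only express a single OU directly under a two-label domain.
# An OU name containing DN special characters (for example a comma) would
# need escaping before it is placed in this string.
$targetPath = "Ou=$ou,DC=$domain1,DC=$domain2"

# Resolve the account and the destination OU before changing anything.
# -ErrorAction Stop turns a mistyped username or OU into a terminating error,
# so the script ends here instead of carrying on with empty values and
# leaving the account half processed (disabled and annotated but not moved).
$user = Get-ADUser -Identity $usr -Properties info -ErrorAction Stop
$null = Get-ADOrganizationalUnit -Identity $targetPath -ErrorAction Stop

$info = $user.info
$dn   = $user.distinguishedName

Disable-ADAccount -Identity $user -ErrorAction Stop

# Append the task reference to the existing notes; when there are no existing
# notes, write the task text alone rather than a value with a leading space.
$notes = if ($info) { "$info $task" } else { $task }
Set-ADUser -Identity $user -Replace @{info = $notes} -ErrorAction Stop

Move-ADObject -Identity $dn -TargetPath $targetPath -ErrorAction Stop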

# Show a progress bar naming the account, then pause before the account is
# read back. The script does not say why it waits; presumably it gives the
# directory time to reflect the changes made above - confirm before relying
# on the delay.
$progressArgs = @{
    Activity        = "Wait for less than 11 Seconds to see the status of"
    Status          = "$usr"
    PercentComplete = 50
}
Write-Progress @progressArgs

Start-Sleep -Seconds 10.5

Import-Module ActiveDirectory

# Print the groups the account belongs to at this point. This runs before the
# memberships are removed further down, and the list is only written to the
# console: keep a copy if it may be needed to restore access later.
Get-ADPrincipalGroupMembership -Identity $usr |
    Select-Object @{Name = "Was Member Of"; Expression = { $_.name }}

# Columns of the account summary: each hashtable renames one attribute, and
# AccountExpirationDate is passed through under its own name.
$summaryColumns = @(
    @{Name = "Please find the information of"; Expression = { $_.Name }},
    @{Name = "Full Name"; Expression = { $_.DisplayName }},
    @{Name = "Username"; Expression = { $_.SamAccountName }},
    @{Name = "AccountEnabled"; Expression = { $_.Enabled }},
    'AccountExpirationDate',
    @{Name = "Current-OU"; Expression = { $_.CanonicalName }},
    @{Name = "Notes"; Expression = { $_.Info }}
)

# Read the account back so the operator can check the enabled state, the
# current OU and the notes.
Get-ADUser -Identity $usr -Properties DisplayName, name, AccountExpirationDate, info, CanonicalName |
    Select-Object -Property $summaryColumns |
    Out-Default
#Out-GridView

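#This will remove the membership list of the ADUser.
Import-Module ActiveDirectory

# Read the account's MemberOf list. MemberOf does not include the account's
# primary group, so that membership is left in place by this step.
$account = Get-ADUser -Identity $usr -Properties MemberOf -ErrorAction Stop

# Remove the account from each group in turn and remember every group whose
# removal failed. Without -ErrorAction Stop a failed removal (for example,
# insufficient rights on a group) is a non-terminating error, and the success
# message below would be printed while the disabled account still held that
# membership.
$notRemoved = @()
foreach ($groupDn in $account.MemberOf) {
    try {
        Remove-ADGroupMember -Identity $groupDn -Members $account.DistinguishedName -Confirm:$false -ErrorAction Stop
    }
    catch {
        $notRemoved += $groupDn
        Write-Warning "Could not remove $usr from ${groupDn}: $($_.Exception.Message)"
    }
}

# Report success only when every removal went through.
if ($notRemoved.Count -eq 0) {
    Write-Host 'Groups Membership are removed from' $usr 'and updated notes as' $task -ForegroundColor Green
}
else {
    Write-Host $notRemoved.Count 'group membership(s) could not be removed from' $usr -ForegroundColor Red
}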