1.特定组中移除禁用账号
$group= "testgroup"
$members = Get-ADGroupMember -Identity $group
foreach ($memeber in $members){
$user= Get-ADUser -Identity $memeber
if($user.Enabled -eq $false){
Remove-ADGroupMember $group $user -Confirm:$false
}
}
所有组中删除禁用用户
$grouplist = Get-ADGroup -SearchBase "OU=test,dc=test,dc=com" -Filter 'GroupCategory -eq "Distribution"' -SearchScope OneLevel
foreach ($group in $grouplist){
$members = Get-ADGroupMember -Identity $group
foreach ($member in $members){
$user = Get-ADUser -Identity $member
if($user.Enabled -eq $false){
Remove-ADGroupMember -Identity $group -Members $user -Confirm:$false
}
}
}脚本2:
$users = Get-ADUser -Filter {enabled -eq "false"} -SearchBase "ou=test,dc=test,dc=com"
foreach ($user in $users ) {
Get-ADPrincipalGroupMembership -Identity $user | ?{$_.name -ne "domain users"} | %{Remove-ADPrincipalGroupMembership -Identity $user -MemberOf $_ -Confirm:$false}
}经测试,顺利删除已禁用账号。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。
