cbrand/ps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
ps/Modules/Alkami.DevOps.SystemEngineering/Public/Move-AccountToDisabledOU.ps1
jcolebrand c34cead304 First full commit
2023-05-30 22:51:22 -07:00

62 lines
2.0 KiB
PowerShell
Raw Permalink Blame History

function Move-AccountToDisabledOU {
<#
.SYNOPSIS
Moves an AD Account to the Disabled Accounts OU
.DESCRIPTION
Moves an AD Account to the Disabled Accounts OU
.PARAMETER AccountDistinguishedName
[string] The DistinguishedName of an AD Account to Act Upon
.PARAMETER DisabledAccountOU
[string The OU name for disabled accounts. Defaults to "Disabled Accounts"
.PARAMETER DomainName
[string] The domain name to act upon. Defaults to "fh.local"
.EXAMPLE
Move-AccountToDisabledOU "fake.serviceaccount")
.EXAMPLE
Move-AccountToDisabledOU "fake.serviceaccount") -DisabledAccountOU "Trash Can" -Domain "corp.alkamitech.com"
#>
[CmdletBinding()]
param (
[Parameter(Mandatory = $true)]
[ValidateNotNullOrEmpty()]
[string]$AccountDistinguishedName,
[Parameter(Mandatory = $false)]
[string]$DisabledAccountOU = "Disabled Accounts",
[Parameter(Mandatory = $false)]
[string]$DomainName = "fh.local"
)
$logLead = Get-LogLeadName
if (!(Test-IsUserDomainAdmin)) {
Write-Warning "$logLead : You must have domain administrative privileges to run this command"
return $nulls
}
$domainNameDistinguishedName = Get-DomainNameDistinguishedName $DomainName
$disabledAccountOUTrimmed = $DisabledAccountOU.TrimStart("OU=")
$disabledAccountsOUDN = "OU=$disabledAccountOUTrimmed"
$disabledAccountsOUDistinguishedName = "$disabledAccountsOUDN,$domainNameDistinguishedName"
Write-Host "$logLead : Acting on Account with Distinguished Name [$AccountDistinguishedName]"
if ($AccountDistinguishedName -match $disabledAccountsOUDN) {
Write-Warning "$logLead : Account is already in Disabled Accounts OU [$disabledAccountsOUDistinguishedName]"
} else {
Write-Host "$logLead : Moving account to the Disabled Accounts OU [$disabledAccountsOUDistinguishedName]"
Move-ADObject -Identity $AccountDistinguishedName -TargetPath $disabledAccountsOUDistinguishedName
}
}
Reference in New Issue View Git Blame Copy Permalink