|
|
@@ -0,0 +1,36 @@
|
|
|
+param(
|
|
|
+ [hashtable]$GetADUserArgs=@{},
|
|
|
+ $Where={$true}
|
|
|
+)
|
|
|
+
|
|
|
+
|
|
|
+if (-not $GetADUserArgs.Properties) {
|
|
|
+ $GetADUserArgs["Properties"] = @(
|
|
|
+ "mail",
|
|
|
+ "lastLogon",
|
|
|
+ "lastLogonTimestamp",
|
|
|
+ "distinguishedName",
|
|
|
+ "UserPrincipalName"
|
|
|
+ )
|
|
|
+}
|
|
|
+if (-not $GetADUserArgs.Filter) {
|
|
|
+ $GetADUserArgs["Filter"] = {Enabled -eq $true}
|
|
|
+}
|
|
|
+$GetADUserArgs | Format-Table | Out-Host
|
|
|
+
|
|
|
+
|
|
|
+$users = Get-ADUser @GetADUserArgs | Where-Object $Where | Sort-Object lastLogonTimestamp | Foreach-Object {
|
|
|
+ [PSCustomObject]@{
|
|
|
+ dn=$_.distinguishedName
|
|
|
+ UserPrincipalName=$_.UserPrincipalName
|
|
|
+ mail=$_.mail
|
|
|
+ lastLogon=$_.lastLogon
|
|
|
+ lastLogonTimestamp=$_.lastLogonTimestamp
|
|
|
+ lastLogonTimestampStr=[datetime]::FromFileTimeUtc($_.lastLogonTimestamp)
|
|
|
+ }
|
|
|
+} | Out-GridView -OutputMode Multiple
|
|
|
+
|
|
|
+$users | Foreach-Object {
|
|
|
+ ([string]$_.dn) | Out-Host
|
|
|
+ Disable-ADAccount -Identity ([string]$_.dn)
|
|
|
+}
|
Tobias Simetsreiter