In case you need to disable a particular user or computer account in Active Directory, you can use Disable-ADAccount PowerShell cmdlet as shown in the command below:
- Disable-ADAccount -Identity “CN=Nick, OU=TempUsers, DC=Test, DC=Local”
Above command disables only one user account named “Nick”. In case you need to disable all user accounts in an OU, you are going to use two PowerShell cmdlets; Get-ADUser and DisableADAccount as specified in the command below:
Get-ADUser -Filter “Name -like “*” -SearchBase “OU=TempUsers,DC=Test, DC=Local” | Disable-ADAccount
First command gets the list of user accounts in OU TempUsers and second command disables the account.
About Nirmal Sharma
Nirmal is a MCSEx3, MCITP and was awarded Microsoft MVP award in Directory Services and Windows Networking. He is specialized in Directory Services, Failover cluster, Hyper-V, System Center, Windows Azure, and Exchange Servers and has been involved in Microsoft Technologies since 1994. In his spare time, he offers technical help by writing tips and articles on several web sites. Nirmal can be reached at [email protected].
Running your initial command didn’t work with the parameters you chose.
This is what I used instead: Get-ADUser -Filter * -SearchBase “OU=TempUsers,DC=Test, DC=Local” -SearchScope Subtree | Disable-ADAccount
Does this script:
Get-ADUser -Filter * -SearchBase “OU=TempUsers,DC=Test, DC=Local” -SearchScope Subtree | Disable-ADAccount
Disable ALL users in 1 certain OU?