This script is written in PowerShell and is designed to move disabled users in Active Directory to a specified OU and send an HTML email report with details of the users moved.
The script first sets the target OU where disabled users will be moved and retrieves all disabled users except krbtgt and guest accounts from the specified search base. It then separates the already disabled users in the target OU from the new disabled users that need to be moved.
Next, the script prepares an HTML email report that includes two tables: one for users already in the target OU and another for users moved to the target OU. The report includes details such as the name, SAM account name, and email address of each user.
Finally, the script sends the email report using the Send-MailMessage cmdlet with the specified parameters, including the SMTP server, port, SSL, credentials, recipient, sender, subject, body, and body format.
# Specify the name of the OU where disabled users will be moved
$targetOU = "OU=Disabled,DC=infoalias,DC=local"
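# Get all disabled users except krbtgt and guest accounts, and move them to the Disabled OU
$disabledUsers = Get-ADUser -Filter {Enabled -eq $false -and Name -ne "krbtgt" -and Name -ne "Guest"} -SearchBase "DC=infoalias,DC=local" -Properties EmailAddress
# A distinguished name starts with the object's own CN and ends with its containers,
# so a user is under the target OU when the DN ends with ",<target OU>"
$alreadyDisabledUsers = $disabledUsers | Where-Object {$_.DistinguishedName.EndsWith(",$targetOU", [System.StringComparison]::OrdinalIgnoreCase)}
$newDisabledUsers = $disabledUsers | Where-Object {-not $_.DistinguishedName.EndsWith(",$targetOU", [System.StringComparison]::OrdinalIgnoreCase)}
# Move only the users that are not yet under the target OU
foreach ($user in $newDisabledUsers) {
    Move-ADObject -Identity $user.DistinguishedName -TargetPath $targetOU
}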
# Prepare the HTML email report
# Attribute values are HTML-encoded so that characters such as < or & in a name cannot change the report markup
$htmlBody = "<html><body>"
$htmlBody += "<h2>Disabled Users Moved to $targetOU</h2>"
if ($alreadyDisabledUsers) {
    $htmlBody += "<h3>Users Already in $targetOU</h3>"
    $htmlBody += "<table border='1'><tr><th>Name</th><th>SamAccountName</th><th>EmailAddress</th></tr>"
    foreach ($user in $alreadyDisabledUsers) {
        $htmlBody += "<tr><td>$([System.Net.WebUtility]::HtmlEncode($user.Name))</td><td>$([System.Net.WebUtility]::HtmlEncode($user.SamAccountName))</td><td>$([System.Net.WebUtility]::HtmlEncode($user.EmailAddress))</td></tr>"
    }
    $htmlBody += "</table><br>"
}
if ($newDisabledUsers) {
    $htmlBody += "<h3>Users Moved to $targetOU</h3>"
    $htmlBody += "<table border='1'><tr><th>Name</th><th>SamAccountName</th><th>EmailAddress</th></tr>"
    foreach ($user in $newDisabledUsers) {
        $htmlBody += "<tr><td>$([System.Net.WebUtility]::HtmlEncode($user.Name))</td><td>$([System.Net.WebUtility]::HtmlEncode($user.SamAccountName))</td><td>$([System.Net.WebUtility]::HtmlEncode($user.EmailAddress))</td></tr>"
    }
    $htmlBody += "</table>"
} else {
    $htmlBody += "<p>No users were moved to $targetOU.</p>"
}
$htmlBody += "</body></html>"
# Send the email report using the SMTP details below. You can create and hide the password in a separate global PowerShell script and call it here.
$smtpServer = "smtp.example.com"
$smtpPort = 587
$smtpUsername = "username"
$smtpPassword = "password"
$fromAddress = "admin@example.com"
$toAddress = "user@example.com"
$subject = "Disabled Users Report"
# Build the credential object from the user name and password above
$credentials = New-Object System.Management.Automation.PSCredential($smtpUsername, (ConvertTo-SecureString $smtpPassword -AsPlainText -Force))
Send-MailMessage -SmtpServer $smtpServer -Port $smtpPort -UseSsl -Credential $credentials -To $toAddress -From $fromAddress -Subject $subject -Body $htmlBody -BodyAsHtml
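One way to keep the SMTP password out of the script, as the comment above the SMTP settings suggests, is to store the credential encrypted on disk and load it at run time. This is an added example, not part of the original script; the file path and the function names Save-SmtpCredential and Get-SmtpCredential are assumptions.

```powershell
# Added example: keep the SMTP password out of the report script.
# On Windows, Export-Clixml protects the SecureString inside a PSCredential with DPAPI,
# so the file can only be decrypted by the same user account on the same computer.

# Assumed location; choose a folder that only the account running the report can read.
$credPath = Join-Path $env:ProgramData 'DisabledUsersReport\smtp-credential.xml'

function Save-SmtpCredential {
    # Run once, interactively, as the account that will run the report script.
    param([Parameter(Mandatory)][string]$Path)

    $folder = Split-Path -Path $Path -Parent
    if (-not (Test-Path -Path $folder)) {
        New-Item -ItemType Directory -Path $folder -Force | Out-Null
    }
    # Prompts for the user name and password; nothing is typed into a script file.
    Get-Credential -Message 'SMTP account for the disabled users report' |
        Export-Clixml -Path $Path
}

function Get-SmtpCredential {
    # Called by the report script each time it runs.
    param([Parameter(Mandatory)][string]$Path)

    if (-not (Test-Path -Path $Path)) {
        throw "Credential file '$Path' not found. Run Save-SmtpCredential first."
    }
    try {
        $credential = Import-Clixml -Path $Path -ErrorAction Stop
    } catch {
        # Typical cause: the file was created by another user or on another computer.
        throw "Cannot decrypt '$Path' as $env:USERNAME on $env:COMPUTERNAME: $($_.Exception.Message)"
    }
    if ($credential -isnot [System.Management.Automation.PSCredential]) {
        throw "'$Path' does not contain a PSCredential object."
    }
    return $credential
}

# In the report script, this replaces $smtpUsername, $smtpPassword and the
# ConvertTo-SecureString -AsPlainText line:
# $credentials = Get-SmtpCredential -Path $credPath
```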
Hi,
Thank you for sharing great content.
I need your help as I got stuck in a project.
I have a particular directory like “c\hello\helloyou\” something like this & I want to pull information of all the users who have access to that particular folder.
Need a PowerShell script for this.
Thanks & Regards
Sk
You can watch this YouTube video on my channel. This will help you.
https://youtu.be/HsExFwG21wU
Hi,
This script is working as expected, but we are getting an email with the list of all disabled users.
We want the email to contain only the list of users who were moved to a different OU at the time the script was run.