* Applicable to V4 version of PowerShell, other versions please self-test, related parameters please modify to meet the actual situation
$BeganTime = Get-DateWrite-Host "---------begantime is $BeganTime--------" #>>e:\logs\logsdisableusers.txtfunction disableuser ($Time) { #Get Users List $Users = get-ualuseraccess | where-object {$_. lastseen -lt $Time} #Disable adaccount foreach ($User in $Users) { #choose username, not computer and delete domain name If ($ user.username -notmatch "\$" -and $User .username -match "Nnti") { Write-Host $User .username "---lastlogin is " $User .lastseen #>>e:\logs\ logsdisableusers.txt $UserName = ($ User.UserName.Split ("\")) [1] #fliter user ' s property is enabled $ExistsUser = get-aduser -filter *| Where-object {$_. enabled -eq "True" -and $_. samaccountname -eq $UserName} if ($ Existsuser.name) { disable-adaccount $UserName -whatif #>>e:\logs\LogsDisableUsers.txt } Else { Write-Host "User is not exist" -foregroundcolor Yellow } } }} #Disable adaccount lt 3 weeks$dtimespan= (Get-Date). AddDays ( -21) disableuser $DTimeSpan $endtime = get-datewrite-host "---------Endtime is $EndTime--------------------" &nbsP; #> >e:\logs\logsdisableusers.txt
This article is from the "Margin with Wish" blog, please be sure to keep this source http://281816327.blog.51cto.com/907015/1856792
Use PowerShell to disable a domain user who is not logged on for 3 weeks