Find and Disable Active Directory Users with PowerShell Faster than You can Open the GUI

In this scenario, a support request has been escalated to you because the help desk is unable to find a user account in Active Directory that needs to be disabled.

The help desk included a screenshot where they attempted to search for the user who is named “William Doe”:

finduser1.png

The request you received also stated that the user is in the “Sales” department so you perform a quick search for users who have a last name of “Doe” and who are also in the “Sales” department:

Get-ADUser -Filter {Surname -eq 'Doe' -and Department -eq 'Sales'}

finduser2.png

Based on the results, it appears that the user’s first name is probably Scott with a middle name of William since the only result returned is “Scott W. Doe”. Now to disable his account:

Get-ADUser -Filter {Surname -eq 'Doe' -and Department -eq 'Sales'} |
Set-ADUser -Enabled $false -PassThru

finduser3.png

The user was located and disabled faster with PowerShell than you could have even opened the GUI.

µ