Got a question? Call +632 8244 2098   |   

A person I met at a social gathering and I started talking about PowerShell (I know it is not the usual social topic, but I am a geek and feel strongly about PowerShell).  He described an issue he was having at work where the company policy is that when accounts become inactive the user’s object needed to be disabled, moved to a specific OU and annotated to identify the policy that required the processing.  He was provided with a list of users to be processed in a text file.

The following function achieves this:

  function Process-InactiveUsers










     foreach ($user in $usersToProcess)


        $userToProcess = Get-ADUser $user.samAccountName -Properties *,Info

        $userToProcess | Disable-ADAccount

        $userToProcess | Move-ADObject -TargetPath “$archivedUsersOU”


        $newInfo = $userToProcess.Info + “`n`nUser disabled and moved due to inactivity in compliance with Company Policy `n$date”

        Set-ADUser -Identity $userToProcess.sAMAccountName -Replace @{Info=$newinfo}



It assumes a simple text file similar to:


This is a simple, straightforward approach to the problem which achieves the desired purpose.  It is a starting point and did work for the person that I wrote it for.  The approach shown here is along the lines of the 10961 course which covers the basics of PowerShell and the beginning of writing scripts.  A better solution would be to write this as a tool that can be more easily re-used.  The use of the:



Attribute means that the function will support the WhatIf and Confirm parameters and pass them through to the commands doing the work.

Feature Articles

Insights to help you craft your End of Financial Year Learning and Development Plan
By Chloe Villanueva | 28 March 2022
Cyber Security Fireside Chat - Introduction to CISSP
By Jeremy Daly | 6 April 2022
Innovate boldly and with peace of mind when you access AWS security training
By Chloe Villanueva | 25 April 2022