Automation for removing users and computers from Active Directory

  • Create CSV file
  • Import CSV file content
  • Splash parameters with hashtables
  • Build script.

If you still manage users and computers in active directory manually, there are two options, maybe you manage a very small infrastructure, or, you must continue reading this!

Automation not only saves a lot of time, but also avoids human error, be the first one to cast a stone that one who never forgot to delete that old user or to put an object in the right organizational unit, these kind of mistakes may not seem a big problem for you, well, I hope you don’t think like that, because if you do so, you’re not doing your job right!

Create CSV file

If you never heard about CSV, it means Comma Separated Values, it’s not the same as .xlsx or .ods/.ots but we can open it in Microsoft’s Excel or LibreOffice’s Calc though.

In this lab we’ll set 3 users with 3 hosts each to be deleted:

Import CSV file content:

$Employees = Import-CSV -Path .\FELIPETHEPOSHGUY\Remove_Employees.csv

By doing this, we’ve just created a PSCustomObject:

The idea behind using PSCustomObject is to have a very simple way to create structured data, note that the heads of each column will work like a property and the lines below them will work like their values:

Learn More about PSCustomObjects with the MVP Kevin Marquette.

Splash parameters with hashtables

We’ll use two ActiveDirectory module cmdlets:

  1. Remove-ADUser
  2. Remove-ADComputer

Both of them has the parameter -Identity and we’ll need to pass each of our PSCustomObject values to it, this is possible by creating hashtables:

Hashtables are a type of array that allows the storage of paired Keys and Values, These keys and values must be enclosed with ‘@{}‘:

# $Hashtable = @{
#    key name = key value
# }

$UserParams = @{
      'Identity' = $Employees.UserName

We have successfully created a hashtable with the name of the parameter we want to use and the values we want to pass through it, to do so, we can call the cmdlet and splash our hashtable by assigning ‘@‘ instead ‘$‘:

Remove-ADUser @UserParams

Build script

Now let’s build the script, follow the comments in it to understand each line.

See it in action!

This was my first article about Active Directory automation, would you like to see more of it? feel free to leave a comment, I invite you to follow me on my social hub, please if this article helped you share it with your mates! 😉

If you need some help, pelase get in contact!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.