Kent Hoang Logo

Kent Hoang

Infrastructure Engineer | Enterprise Systems

Resource Article

bulk disable acct

powershell code to disable acct in bulk

Back to Resources
March 2026Powershell

Import-Module ActiveDirectory

 # Import the CSV
$Users = Import-csv "C:\Scripts\users.csv"
$group1 = "GP1"
$group2 = "GP2"

$member1 = Get-ADGroupMember -Identity $group1 | Select-Object -ExpandProperty SamAccountName
$member2 = Get-ADGroupMember -Identity $group2 | Select-Object -ExpandProperty SamAccountName

 

# Process each user

foreach ($u in $Users) {

   

    if ([string]::IsNullOrWhiteSpace($u.username)) {

        Write-Warning "Empty username found in CSV - skipping."

        continue

    }

 

    try {

        # Retrieve the user object

        $ADUser = Get-ADUser -Identity $u.username -Properties MemberOf -ErrorAction Stop

 

        # Check if user is already disabled

        if ($ADUser.Enabled) {

            Disable-ADAccount -Identity $u.username -Confirm:$false

            Remove-ADGroupMember -Identity "Gp4" -Members $u.username -Confirm:$false

            Remove-ADGroupMember -Identity "GP5" -Members $u.username -Confirm:$false

            Remove-ADGroupMember -Identity "GP6" -Members $u.username -Confirm:$false

            Write-Host "Successfully disabled account: $user" -ForegroundColor Green

        } else {

            Write-Warning "Account already disabled: $u.Username"

        }

 

        if ($member1 -contains $u.username -or $member2 -contains $u.username) {

            try {

                Remove-ADGroupMember -Identity $group1 -Members $u.username -Confirm:$false

                Remove-ADGroupMember -Identity $group2 -Members $u.username -Confirm:$false

 

 

                Write-Host "Removed $u.Username from group '$group1'" -ForegroundColor Yellow

                Write-Host "Removed $u.Username from group '$group2'" -ForegroundColor Yellow

            }

            catch {

                Write-Error "Failed to remove $u.Username from '$group1': $($_.Exception.Message)"

            }

        } else {

            Write-Host "$u.username is not a member of '$group1' - no removal needed." -ForegroundColor Cyan

            Write-Host "$u.username is not a member of '$group2' - no removal needed." -ForegroundColor Cyan

        }

    }

    catch {

        if ($_.Exception.Message -like "*Cannot find an object with identity*") {

            Write-Error "User not found in Active Directory: $u.Username"

        }

        elseif ($_.Exception.Message -like "*Cannot find an object with identity: '$group1'*") {

            Write-Error "Target group '$group1' not found in Active Directory. Check the group name."

            break  # Stop script if group doesn't exist

        }

        else {

            Write-Error "Failed to process $u.Username: $($_.Exception.Message)"

        }

    }

}

 

Write-Host "Script completed." -ForegroundColor Cyan