LKBEN10689: Howto automatically disable user accounts in active directory after a number of days
Symptom
You want to deactivate user accounts after 9 weeks or 63 days
Cause
none
Solution
You can use the dsquery tool in combination with dsmod. The following can be copy and pasted in a
command line and can be scheduled. Please note, these accounts will be disabled. You should use
the dsquery first to have a look at the accounts!
dsquery user ou=Lubby-Users,DC=lubby,DC=org -inactive 9 -limit 0 |dsmod user -disabled yes
You should use this script with care and let it run on the part of active directory where no
administrative or service accounts have been created!
Disclaimer:
The information provided in this document is intended for your information only. Lubby makes no claims to the validity of this information. Use of this information is at own risk!About the Author
Author: - Keskon GmbH & Co. KG
Wim Peeters is electronics engineer with an additional master in IT and over 30 years of experience, including time spent in support, development, consulting, training and database administration. Wim has worked with SQL Server since version 6.5. He has developed in C/C++, Java and C# on Windows and Linux. He writes knowledge base articles to solve IT problems and publishes them on the Lubby Knowledge Platform.