In Powershel, you can disable an AD user account by using the Active Directory Powershell cmdlet Disable-ADAccount.
Disable AD User Account by its samAccountName
Import-Module ActiveDirectory Disable-ADAccount -Identity MorganTest
Disable Bulk AD Users from CSV file using Powershell Script
1. Consider the CSV file Users.csv (Ex file: Download ADUsers.csv) which contains set of Active Directory users to disable with the column header samAccountName.
2. Copy the below Powershell script and paste in Notepad file.
3. Change the Users.csv file path with your own csv file path.
4. SaveAs the Notepad file with the extension .ps1 like Disable-Bulk-AD-Users-FromCSV.ps1
Powershell script file: Download Disable-Bulk-AD-Users-FromCSV.ps1
Import-Module ActiveDirectory
Import-Csv "C:\ScriptsUsers.csv" | ForEach-Object {
$samAccountName = $_."samAccountName"
Get-ADUser -Identity $samAccountName | Disable-ADAccount
}
6. Now run the Disable-Bulk-AD-Users-FromCSV.ps1 file from Powershell console to disable bulk Active Directory users from csv file.
Advertisement
Can I use the userprincipalname, instead of the samAccountName attribute?
I didn’t test it. The Get-ADUser cmdlet’s document states that you can use distinguished name (DN), GUID, SID, samAccountName, or name. But, the UserPrincipalName is unique value, so you can check it is working or not. If it works, you can use it.