Moving Computer Accounts Using PowerShell

In this article, I posted a script that I use for generating a monthly report of inactive computer accounts in Active Directory. Once I have reviewed that report and decided which computer accounts I want to get rid of, I like to move them to a “holding cell” OU for a week or so before finally deleting them. I copy the list of inactive computers […]

“Your Account Has Been Disabled” in OWA

If you accidentally delete a user from Active Directory, you normally shouldn’t create a new account with the same name. All resource permissions and group memberships are associated to the old account’s SID and not to its name. This is what allows you to rename AD users and groups at will without disrupting access. So, if you can, you should restore the deleted account from […]

Get a Report of All (Inactive) Computer Accounts

As an Active Directory domain matures, it tends to accumulate junk. (It’s a lot like me in that way.) This script will scan your domain for computer accounts that haven’t been used in at least 90 days and output the results to an Excel spreadsheet. Since I included the operating system, service packs, manager’s name, and creator SID, you can use this same script for […]

Conflicting with Default Formatting??

The other day I was writing a script to get the distribution group memberships of a given user and output the names to the EMS console. If I type these commands into the shell line by line, it works fine: $UserGroups = (get-qadmemberof -Identity $UserName | where-object {$_.EmailAddresses ` -like “**”} | ft Name -HideTableHeaders) write-host “$UserName is a member of the following Distribution Groups:” […]

