This Script will help to move all the disabled Servers from Server OU to another OU.
The line below is only an example of an input-file entry. The input file is where you list the systems you want to disable and move to "Disabled Workstations". To build it, copy the Distinguished Name column data for the records you want to process into the file, then save the file in the same folder as the script.
Example:- CN=ServerName,OU=Computers,OU=001,OU=Servers,DC=test,DC=com
Syntax Used in Script below
Domain Controller Name - DC1
Domain Name - test.com
OU to Move disabled servers - Disabled Workstations
----------------------------------------------------------------------------
##################################################################################################
# #
# Script to disable AD computer objects and move them to a Disabled OU #
# #
# Created by AVTechinfo.com #
# ##################################################################################################
# #
# Must be run with Admin account #
# Input file must have unique Distinguished Name data on each line. No headers or blank lines #
# Anything written to the Failed log will need to be addressed manually. #
# #
##################################################################################################
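############### Input required below ###############
# Folder the script file lives in. The input file is read from here and the logs folder is created here.
# NOTE: the input file decides which AD objects get disabled, so this folder should be writable
# by administrators only.
$WorkingPath = $PSScriptRoot #Get-Location
# Script file name without its extension; used as the prefix for the input file and log file names.
# GetFileNameWithoutExtension replaces the fixed "strip the last 4 characters" logic, which assumed
# a 3-character extension and threw on shorter names.
$ScriptName = [System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Name)
$LogPath = "$WorkingPath\logs"
# Expected input file: <ScriptName>_Input.txt, one Distinguished Name per line.
$InputFile = "$WorkingPath\$($ScriptName)_Input.txt"
$TestSuccess = "True" #Setting this to anything but True will increase the speed of the script but with less validation
# Domain controller that the AD cmdlets are sent to.
$DC = "DC1"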
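####### Dont change anything below this line #######
######################################
# Create LogPath if it doesn't exist #
######################################
If (!(Test-Path $LogPath))
{
    New-Item -ItemType Directory -Force -Path $LogPath | Out-Null
}

# Stop before anything is logged or changed if the input file is missing. Without this check
# Get-Content only reports an error and the script carries on with an empty list.
If (!(Test-Path -Path $InputFile -PathType Leaf))
{
    throw "Input file not found: $InputFile"
}

# One Distinguished Name per line. Blank lines are dropped here because the per-object parsing
# later in the script cannot handle an empty string.
$DataInput = @(Get-Content -Path $InputFile | Where-Object { $_.Trim() -ne "" })

# All three logs of one run share the same timestamp (minute resolution).
$LogTime = Get-Date -Format "yyyyMMdd_HHmm"
$SuccessLog = "$($LogPath)\$($ScriptName)_Success_$($LogTime).txt"
$FailedLog = "$($LogPath)\$($ScriptName)_Failed_$($LogTime).txt"
$FullLog = "$($LogPath)\$($ScriptName)_Full_$($LogTime).txt"

# Write the header row of each semicolon-separated log.
# Add-Content returns nothing, so its result is not captured.
Add-Content -Path $SuccessLog -Value "Computername;Disabled;Moved"
Add-Content -Path $FailedLog -Value "Computername;IP;Status"

# The transcript records all console output of the run in the Full log.
Start-Transcript -Path "$FullLog" -Append | Out-Null
Write-Host `n
Write-Host "===================================================================="
Write-Host `n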
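# OU that disabled computer objects are moved to. Defined once so that every code path uses the
# same target; the original repeated the literal and one branch pointed at a different domain
# (DC=oiiad,DC=com) than the rest of the script (DC=test,DC=com).
$TargetOU = "OU=Disabled Workstations,DC=test,DC=com"

# Process each Distinguished Name from the input file:
#   1. confirm it is a computer object,
#   2. (validation mode) skip it if the host still answers ping under its own name,
#   3. disable it, move it to $TargetOU and (validation mode) read it back to confirm.
# Processed objects get a row in the Success log; anything skipped or failed goes to the Failed log.
foreach ($Object in $DataInput) {
    # Reset per-object state so a result from the previous object is never logged against this one.
    $ObjectName = $null
    $ipV4       = $null
    $Enabled    = $null
    $Moved      = $null
    $FailReason = $null
    $Stage      = "lookup"

    # Blank lines would otherwise reach the AD cmdlets as an empty identity.
    if ([string]::IsNullOrWhiteSpace($Object)) { continue }
    $Object = $Object.Trim()

    Write-Host "Processing $Object"
    Write-Host `n

    try {
        # Disable-ADAccount accepts any account DN (users and service accounts included), so the DN
        # is resolved with Get-ADComputer first; the lookup fails for a DN that is not a computer
        # object and nothing is disabled. The returned object is reused for every later step.
        $Computer   = Get-ADComputer -Identity $Object -Server $DC -ErrorAction Stop
        $ObjectName = $Computer.Name

        if ($TestSuccess -eq "True") {
            # A host that does not answer ping is treated as gone. ICMP can be blocked by a host
            # firewall, so this is a heuristic, not proof that the machine is decommissioned.
            if (Test-Connection -ComputerName $ObjectName -Count 1 -Quiet) {
                #################################################
                # Ping Test and collect current IP for log file #
                #################################################
                Write-Host "$ObjectName is pingable. Checking..." -ForegroundColor Yellow
                $ipV4 = Test-Connection -ComputerName $ObjectName -Count 1 -ErrorAction SilentlyContinue |
                    Select-Object -First 1 -ExpandProperty IPV4Address

                # Reverse-resolve the answering IP to see whether it really is this machine.
                $CompareName = $null
                if ($ipV4) {
                    try {
                        $CompareName = [System.Net.Dns]::GetHostByAddress($ipV4).HostName
                    } catch {
                        $CompareName = $null
                    }
                }

                if (-not $CompareName) {
                    # Something answered but could not be identified: leave the object alone.
                    $FailReason = "Object pingable but reverse DNS lookup failed, please review."
                } elseif ($CompareName.StartsWith($ObjectName, [System.StringComparison]::OrdinalIgnoreCase)) {
                    # Same prefix comparison as before, but it no longer throws when the resolved
                    # host name is shorter than the object name. A prefix match errs towards skipping.
                    $FailReason = "Object pingable so skipped, please review."
                } else {
                    # This branch trusts the PTR record; a stale reverse-DNS entry can make a live
                    # host look like a different machine.
                    Write-Host "Pinged IP does not match this system. Continuing..." -ForegroundColor Yellow
                }
            }
        }

        if (-not $FailReason) {
            $Stage = "disable"
            Disable-ADAccount -Identity $Computer -Server $DC -ErrorAction Stop

            $Stage = "move"
            Move-ADObject -Identity $Computer -TargetPath $TargetOU -Server $DC -ErrorAction Stop

            if ($TestSuccess -eq "True") {
                Write-Host "$ObjectName Disabled and will be verified." -ForegroundColor Green
                Write-Host "$ObjectName Moved to Disabled Workstations and will be verified." -ForegroundColor Green

                # Read the object back by GUID (stable across the move) rather than through a
                # string-built -Filter on the name.
                $Stage = "verify"
                $After = Get-ADComputer -Identity $Computer.ObjectGUID -Server $DC -ErrorAction Stop
                $Enabled = if ($After.Enabled) { "Enabled" } else { "Disabled" }
                $InTarget = $After.DistinguishedName.EndsWith(",$TargetOU", [System.StringComparison]::OrdinalIgnoreCase)
                $Moved = if ($InTarget) { "Moved" } else { "Not Moved" }

                Write-Host `n
                Write-Host "$($ObjectName);$($Enabled);$($Moved)"

                # A failed verification needs manual follow-up, so it is also recorded in the Failed log.
                if ($After.Enabled -or -not $InTarget) {
                    Add-Content -Path $FailedLog -Value "$($ObjectName);$($ipV4);Verification failed: $($Enabled), $($Moved)"
                }
            } else {
                $Enabled = "Disabled but Not Verified"
                $Moved = "Moved but Not Verified"
                Write-Host "$ObjectName Disabled and will NOT be verified." -ForegroundColor Yellow
                Write-Host "$ObjectName Moved to Disabled Workstations and will NOT be verified." -ForegroundColor Yellow
            }

            # Only objects that were actually processed get a Success log row.
            Add-Content -Path $SuccessLog -Value "$($Object);$($Enabled);$($Moved)"
        }
    } catch {
        # $Stage shows how far processing got, e.g. a failure in "move" means the account is
        # already disabled but still in its original OU.
        $FailReason = "Failed during $($Stage): $($_.Exception.Message)"
    }

    if ($FailReason) {
        # Fall back to the raw DN when the lookup itself failed and no name is known.
        $LogName = if ($ObjectName) { $ObjectName } else { $Object }
        Write-Host "$($LogName);$($ipV4);$($FailReason) Not processed." -ForegroundColor Red
        Add-Content -Path $FailedLog -Value "$($LogName);$($ipV4);$($FailReason)"
    }

    Write-Host `n
    Write-Host "===================================================================="
    Write-Host `n
}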
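# Final status line. The message is quoted so that it is printed verbatim; unquoted, PowerShell
# parses the comma as an array separator and drops it from the output.
Write-Host "All computers in list are processed, see log files for more information"
Write-Host `n
# Close the transcript that was started for the Full log.
Stop-Transcript | Out-Null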