accountsToDisable.txt
orange
apple
pear
termed user
REM disableAccounts.bat
REM read accountsToDisable.txt and convert names into proper DN entries. Save result into accounts2.txt
for /f "delims=" %A in (accounts.txt) do dsquery user -name "%%A" -s DC01 > accounts2.txt
Rem reads accounts2.txt and disable each account with a description "Disabled by Script"
for /f "delims=" %B in (accounts2.txt) do dsmod -user %%B -disabled yes -desc "Disabled by Script" -s DC01
Powershell method:
# Search for disabled accounts and move them into the Disabled Accounts container
Search -ADAccount -AccountDisabled -UsersOnly -SearchBase "OU=OUName, DC=KIMCONNECT, DC=com" | Move -ADObject -TargetPath "OU=Disabled Accounts, DC=kimconnect,DC=com"
' List Disabled Account.VBS
On Error Resume Next
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCommand.ActiveConnection = objConnection
objCommand.Properties("Page Size") = 1000
objCommand.CommandText = _
"<LDAP://dc=kimconnect,dc=local>;(&(objectCategory=User)" & _
"(userAccountControl:1.2.840.113556.1.4.803:=2));Name;Subtree"
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Do Until objRecordSet.EOF
Wscript.Echo objRecordSet.Fields("Name").Value
objRecordSet.MoveNext
Loop