0

I have a powershell script to remove a user stored under the variable $User which is taken from a user input in the command line. How do I specify multiple users and remove all of them?

Script is below

# ask for the login name of the account to remove
$User = Read-Host -Prompt 'Enter user name'
Remove-ADUser $User
Write-Host "'$User' account has been removed press any key to close..."
# wait for a key press before the window closes
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
  • Wow, this is code waiting for accidents.. You're not checking the user's input at all, you don't explain they need to enter the login name, you simply assume they are entering the correct user to remove (which is a destructive action). Really, you should seriously think this over! Commented Jul 20, 2020 at 10:13
  • It's not a script for general use, I will be the only one using it and only with usernames that I know need to be deleted Commented Jul 20, 2020 at 11:48
  • @Theo if I were to check they were correctly inputting the username what would be the best way to add a data validation to make sure the username is inputted in the correct format? New to powershell scripting. Commented Jul 20, 2020 at 11:53
  • @MacHooper the best way to find the correct account is first to retrieve the accounts and validate if it is the correct one. There are ways to script the validations but that totally depends on the structure of AD and the way you have structured the info. In my 4 step script below I have the test results first (which account did it find?) before actually deleting. Once you are sure that the code only finds and deletes the target accounts there are many ways to improve the scripts (like for automation purposes) Commented Jul 20, 2020 at 12:17

2 Answers

2

Agree with @Theo but if you know what you are doing there is a simple solution:

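$User = Read-Host -Prompt 'Enter user name'
# split the input on the delimiter and remove each login in turn
foreach($u in $User.Split(','))
{
   $u = $u.Trim()   # tolerate spaces after the commas
   Remove-ADUser $u
   Write-Host "'$u' account has been removed"
}

# wait for a key press before the window closes
$Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")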

All you need to know is the delimiter you have to use. In this case it is ',', so you need to pass the logins in the pattern: user1,user2


1 Comment

Worked perfectly thank you, as I said it's for myself to speed up a job. I know the username format and the users that need to be removed
1

Perhaps this helps a little with getting a safer result. It took me a few minutes to write it. Maybe it helps.


######################################
# first make sure we know what is happening..
######################################

$name = 'bob'
$AccountToDelete = Get-ADuser -filter {enabled -eq $true} -properties "displayname" | where {$_.displayname -match $name}

######################################
# then go a step further
######################################

$name = 'bob'
$AccountToDelete = Get-ADuser -filter {enabled -eq $true} -properties "displayname" | where {$_.displayname -match $name}

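#show results of filter
$AccountToDelete.name

if ($AccountToDelete.count -gt 1)
    {
        write-warning 'more than one user:'
        $AccountToDelete.name
        BREAK
    } 
    ELSEIF (-not $AccountToDelete)
    {
        # nothing matched, so there is nothing to pass to Remove-ADUser
        write-warning ('no enabled user matches {0}' -f $name)
    }
    ELSE 
    {
        'delete {0}' -f $AccountToDelete.name
        # -WhatIf only reports what would be deleted
        Remove-ADUser $AccountToDelete -WhatIf
    }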


######################################
# improvement 1
######################################

$names = 'bob','don' 

foreach ($name in $names){

    $AccountToDelete = Get-ADuser -filter {enabled -eq $true} -properties "displayname" | where {$_.displayname -match $name}

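    #show results of filter
    $AccountToDelete.name

    if ($AccountToDelete.count -gt 1)
        {
            write-warning 'more than one user:'
            $AccountToDelete.name
            BREAK
        } 
    ELSEIF (-not $AccountToDelete)
        {
            # nothing matched, so there is nothing to pass to Remove-ADUser
            write-warning ('no enabled user matches {0}' -f $name)
        }
    ELSE 
        {
            'delete {0}' -f $AccountToDelete.name
            # -WhatIf only reports what would be deleted
            Remove-ADUser $AccountToDelete -WhatIf    
        }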
}


######################################
# improvement 2
######################################

#now add names to delete in a notepad textfile, one name per line
<#
you can use this to create a file
PS c:\users\administrator> notepad users.txt 
#>

#replace the string array $names = 'bob','don' 
# Get-Content already returns one string per line; trim each line and drop blank ones
$names = @(Get-Content .\users.txt | ForEach-Object { $_.Trim() } | Where-Object { $_ })
$names 
'processing {0} names...' -f $names.count

foreach ($name in $names){

    $AccountToDelete = Get-ADuser -filter {enabled -eq $true} -properties "displayname" | where {$_.displayname -match $name}

    #show results of filter
    $AccountToDelete.name

    if ($AccountToDelete.count -gt 1)
        {
            write-warning 'more than one user:'
            $AccountToDelete.name
            BREAK
        } 
    ELSEIF (-not $AccountToDelete)
        {
            # nothing matched, so there is nothing to pass to Remove-ADUser
            write-warning ('no enabled user matches {0}' -f $name)
        }
    ELSE 
        {
            'delete {0}' -f $AccountToDelete.name
            # -WhatIf only reports what would be deleted
            Remove-ADUser $AccountToDelete -WhatIf    
        }
}

#finally if the script is showing you the results you need you can remove the -WhatIf 

1 Comment

Not as short as the answer. As Theo and Simoff already mention, the way you approach this is very prone to errors. I always test my script in a VM (I made one to answer this question). When it is AD related I always need to be sure it is doing exactly what I want. (@Simoff: if someone knows exactly what he is doing he would not ask a question like this one here ;-) ...) My script is 4 steps to get to a more controlled result. If it didn't help you it might help someone else. As always... be careful. No fun in testing AD recovery techniques or restores. (if production)
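
The two answers above can be combined: comma-separated input as in the first, a look-before-delete step as in the second, plus the format check asked about in the comments. This is an added example, not code from either answer; it assumes the input is a list of sAMAccountName logins and that the ActiveDirectory module is available, and `ConvertTo-LoginList` is a hypothetical helper name.

```powershell
#Requires -Modules ActiveDirectory
# Added example. Assumption: the input is a comma-separated list of sAMAccountName logins.

function ConvertTo-LoginList {
    param([string]$Raw)
    # characters that are not allowed in a sAMAccountName
    $invalid = '["/\\\[\]:;|=,+*?<>]'
    $valid = @()
    foreach ($item in $Raw.Split(',')) {
        $login = $item.Trim()
        if (-not $login) { continue }    # ignore empty entries such as "a,,b"
        # user logins are limited to 20 characters and may not end with a period
        if ($login.Length -gt 20 -or $login -match $invalid -or $login.EndsWith('.')) {
            Write-Warning "skipping '$login': not a valid login name"
            continue
        }
        if ($valid -notcontains $login) { $valid += $login }    # drop duplicates
    }
    return ,$valid
}

$logins = ConvertTo-LoginList (Read-Host -Prompt 'Enter login names, separated by commas')

$targets = foreach ($login in $logins) {
    try {
        # -Identity resolves exactly one account or throws; no wildcard or regex matching
        Get-ADUser -Identity $login -ErrorAction Stop
    } catch {
        Write-Warning "no account found for '$login'"
    }
}

if (-not $targets) {
    Write-Warning 'nothing to remove'
    return
}

# show what was found before anything is removed
$targets | Format-Table SamAccountName, Name, Enabled, DistinguishedName -AutoSize

# -WhatIf reports the deletions without performing them;
# replace it with -Confirm to be asked once per account
$targets | Remove-ADUser -WhatIf
```

Resolving each login with `-Identity` avoids the partial matches that `-match` on the display name can return, so a typo produces a warning instead of selecting a different account.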
