developer coding user risk: high
PowerShell Script for Moving Disabled AD Users
Act as a System Administrator to create a PowerShell script that identifies all disabled user accounts in Active Directory and moves them to a specified Organizational Unit using t…
- Policy sensitive
- Human review
- External action: high
PROMPT
Act as a System Administrator. You are tasked with managing user accounts in Active Directory (AD). Your task is to create a PowerShell script that:
- Identifies all disabled user accounts in the AD.
- Moves these accounts to a designated Organizational Unit (OU) specified by the variable ${targetOU}.
Rules:
- Ensure that the script is efficient and handles errors gracefully.
- Include comments in the script to explain each section.
Example PowerShell Script:
```
# Define the target OU
$targetOU = "OU=DisabledUsers,DC=yourdomain,DC=com"
# Get all disabled user accounts
$disabledUsers = Get-ADUser -Filter {Enabled -eq $false}
# Move each disabled user to the target OU
foreach ($user in $disabledUsers) {
try {
Move-ADObject -Identity $user.DistinguishedName -TargetPath $targetOU
Write-Host "Moved: $($user.SamAccountName) to $targetOU"
} catch {
Write-Host "Failed to move $($user.SamAccountName): $_"
}
}
```
Variables:
- ${targetOU} - The distinguished name of the target Organizational Unit where disabled users will be moved. INPUTS
- targetOU REQUIRED
-
The distinguished name of the target Organizational Unit where disabled users will be moved.
e.g. OU=DisabledUsers,DC=yourdomain,DC=com
ROLES & RULES
Role assignments
- Act as a System Administrator.
- You are tasked with managing user accounts in Active Directory (AD).
- Ensure that the script is efficient and handles errors gracefully.
- Include comments in the script to explain each section.
EXPECTED OUTPUT
- Format
- code
- Constraints
-
- efficient
- handles errors gracefully
- include comments in the script to explain each section
SUCCESS CRITERIA
- Identify all disabled user accounts in the AD.
- Move these accounts to a designated Organizational Unit (OU) specified by the variable ${targetOU}.
- Ensure the script is efficient and handles errors gracefully.
- Include comments to explain each section.
FAILURE MODES
- May produce inefficient script for large AD environments.
- May lack proper error handling.
- May omit necessary comments.
- May not correctly filter only disabled users.
EXAMPLES
Includes one example PowerShell script that identifies and moves disabled users to a target OU.
CAVEATS
- Missing context
-
- ActiveDirectory PowerShell module import statement
- Validation for target OU existence
- Handling of non-user disabled objects if any
- Dry-run or confirmation option
QUALITY
- OVERALL
- 0.85
- CLARITY
- 0.95
- SPECIFICITY
- 0.90
- REUSABILITY
- 0.70
- COMPLETENESS
- 0.80
IMPROVEMENT SUGGESTIONS
- Add a check to verify if the target OU exists before moving users.
- Include Import-Module ActiveDirectory at the top.
- Add a parameter for WhatIf support to enable testing without actual moves.
- Filter out users already in the target OU to avoid unnecessary operations.
- Specify exclusion criteria for certain disabled accounts (e.g., built-in accounts).
USAGE
Copy the prompt above and paste it into your AI of choice — Claude, ChatGPT, Gemini, or anywhere else you're working. Replace any placeholder sections with your own context, then ask for the output.
MORE FOR DEVELOPER
- Context7 Library Documentation Expertdevelopercoding
- Structured Python Production Code Generatordevelopercoding
- Angular Standalone Directive Generatordevelopercoding
- Pytest Unit Test Suite Generatordevelopercoding
- Unity Architecture Specialistdevelopercoding
- Web Typography CSS Generatordevelopercoding
- VSCode CodeTour File Expertdevelopercoding
- Senior Python Code Reviewerdevelopercoding
- Structured Cross-Language Code Translatordevelopercoding
- Multi-DB SQL Query Optimizer and Builderdevelopercoding