Inventory of Missing and Disabled Configuration Manager Users

I wrote the following script to inventory the administrative users of my Configuration Manager (SCCM) environment as they relate to Active Directory. The end result is a list of users who no longer exist in Active Directory, users who are in Active Directory but disabled, and users who are granted rights in multiple ways (e.g. directly and through some groups).

There is some sample code on how to then remove them, but I urge you to run this in a test environment first and never trust random code you find online in your production environment until you’ve fully vetted it.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.