Managing users in an Active Directory (AD) environment is a critical task for system administrators. One common requirement is to remove users who no longer need access to the network. In a Windows environment, this can be efficiently achieved using PowerShell, a powerful scripting language that allows administrators to automate various tasks. This article will guide you on how to use the Remove-ADUser cmdlet in PowerShell to remove users from Active Directory.

Examples:

1. Basic Removal of an AD User: To remove a user from Active Directory, you can use the Remove-ADUser cmdlet. Here is a simple example of how to remove a user with the username jdoe:

   Remove-ADUser -Identity jdoe

2. Removing a User with Confirmation: By default, the Remove-ADUser cmdlet will prompt for confirmation before removing a user. You can suppress this confirmation by using the -Confirm parameter set to $false:

   Remove-ADUser -Identity jdoe -Confirm:$false

3. Removing a User with a Distinguished Name: Sometimes, you might need to specify the user by their distinguished name (DN). Here’s how to do it:

   Remove-ADUser -Identity "CN=John Doe,OU=Users,DC=example,DC=com"

4. Removing Multiple Users: If you need to remove multiple users, you can use a script to iterate through a list of usernames. For example, if you have a text file users.txt containing usernames, you can use the following script:

   $users = Get-Content -Path "C:\path\to\users.txt"
   foreach ($user in $users) {
      Remove-ADUser -Identity $user -Confirm:$false
   }

5. Logging Removed Users: It’s often useful to log the users that have been removed. Here’s an example script that writes the usernames to a log file:

   $users = Get-Content -Path "C:\path\to\users.txt"
   $logPath = "C:\path\to\removed_users.log"
   foreach ($user in $users) {
      Remove-ADUser -Identity $user -Confirm:$false
      Add-Content -Path $logPath -Value "$user removed on $(Get-Date)"
   }