Skip navigation
Menu
End-User Platforms>Active Directory

Q. How can I delete from Active Directory (AD) user accounts that are listed in a file?

A. To delete the accounts listed in the file that I created in the FAQ, "How can I create a file that contains all user profiles that were created before a specific date?" (FAQ), ), I first created a text file that included information in the following format:

|\[optional info after the pipe\]
|\[optional info after the pipe\]

etc.

For example:

CN=test1,OU=testing,DC=demo,DC=local|6/2/2004 10:59:32 PM
CN=test2,OU=testing,DC=demo,DC=local|6/2/2004 10:55:14 PM

A pipe character (|) must follow the account's distinguished name (DN); the script ignores what follows the pipe.

I then wrote the delusersfromfile.vbs script, which deletes the accounts listed in the file. You can download the script at Code. Save the script as delusersfromfile.vbs. Remember to modify the script to include information specific to your installation.

Option Explicit

Dim strFilePath, objFSO, objFilesTarget, sUser, objParent, sLine, aLine, _
   sDN, oUser

' Check that all required arguments have been passed.
If Wscript.Arguments.Count  required. For example:" & vbCrLf _
& "cscript delusersfromfile.vbs c:\temp\UserList.txt"
Wscript.Quit(0)
End If

strFilePath = Wscript.Arguments(0)

Const ForReading = 1

Set objFSO = CreateObject("scripting.filesystemobject")
Set objFilesTarget = objFSO.OpenTextFile(strFilePath,ForReading,True)

Do While objFilesTarget.AtEndOfStream  True
    sLine = objFilesTarget.ReadLine
    aLine = split(sline, "|",-1,1)
    sDN = aLine(0)

    On Error Resume Next

    sUser = "LDAP://" & sDN

    wscript.echo sUser

    Set oUser = GetObject(sUser)
    Set objParent = GetObject(oUser.parent)
    objParent.Delete "User", (oUser.Name)
Loop

Set oUser = Nothing

To run delusersfromfile.vbs, at a command prompt enter

cscript delusersfromfile.vbs c:\temp\list.txt

You'll see output on screen that's similar to this:

Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

LDAP://CN=test1,OU=testing,DC=demo,DC=local
LDAP://CN=test2,OU=testing,DC=demo,DC=local

After executing delusersfromfile.vbs, you could run a script to verify whether the accounts have been deleted. For example, you could run the listusersolder.vbs script that I discuss in "How can I create a file that contains all user profiles that were created before a specific date?"; the list that the script outputs should be empty of old accounts.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
computer password entry box overlaying a keyboard
How To Use PowerShell for Active Directory Password Help
Mar 18, 2024
Microsoft CEO Satya Nadella on stage at Microsoft Ignite 2023
Top 10 Stories About Microsoft in 2023
Dec 22, 2023
A keyboard key shows a cloud icon and says the word 'connect'
How to Access Azure AD in PowerShell
May 09, 2023
arrows on a blue background
How To Import the PowerShell Active Directory Module
May 02, 2023