Here is a screenshot of the task.
The behavior occurs because the scheduled task is assigned over the Company users OU subtree, not the OU itself as it was shown in the post where we shared the initial script. To achieve the desired:
- Launch Adaxes Administration console.
- In the Console Tree, expand your service node.
- Navigate to Configuration\Scheduled Tasks and select the task you need.
- In the Activity Scope section on the right, select Company Users and click Edit below.
- Select the The Organizational Unit object checkbox.
- Clear all the other checkboxes and click OK.
- Save the changes. Finally, the Activity Scope of the task should look exactly like below (the Scope column should be This object only):
Can i set it to only disable enabled users?
To achieve the desired, replace this line in the script
$filterUsers = "(sAMAccountType=805306368)"
with the below one:
$filterUsers = "(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113522.214.171.1243:=2))"