PowerShell module for automating the Active Directory user lifecycle -- from provisioning to offboarding to compliance reporting.
Built for enterprise environments where user provisioning needs to be consistent, offboarding needs to be thorough, and auditors need documentation.
Manual AD user management doesn't scale. New hires get inconsistent group memberships depending on who creates the account. Offboarding is a checklist someone forgets half of. Auditors ask "show me everyone in the domain" and someone spends an afternoon in ADUC.
| Function | Purpose |
|---|---|
New-ADUserFromTemplate |
Create AD users from a template account -- single or bulk CSV import |
Disable-DepartedUser |
Complete offboarding: disable, reset password, strip groups, archive home folder, move to Disabled OU, hide from GAL |
Export-ADUserReport |
Generate HTML/CSV user reports with inactive account flagging |
Import-Module .\AD-UserLifecycle.psd1
# Provision a single user from a template
New-ADUserFromTemplate -FirstName "Jane" -LastName "Smith" -Template "Template.IT"
# Bulk provision from CSV
New-ADUserFromTemplate -CsvPath ".\Templates\NewHires-Template.csv"
# Preview an offboarding without making changes
Disable-DepartedUser -Identity "jsmith" `
-DisabledOU "OU=Disabled Users,DC=contoso,DC=com" `
-ArchivePath "\\fileserver\archives" -WhatIf
# Generate an audit report flagging 60-day inactive users
Export-ADUserReport -OutputFormat Both -DaysInactive 60Provisioning:
SAMAccountName DisplayName OU Template Status
-------------- ----------- -- -------- ------
smithj Smith, Jane OU=Users,OU=IT,DC=contoso,DC=com Template.IT Created
jonesb Jones, Bob OU=Users,OU=HR,DC=contoso,DC=com Template.HR Created
Offboarding:
SAMAccountName : jsmith
DisplayName : Jane Smith (jsmith)
PreviousGroups : IT-Staff; VPN-Users; SharePoint-Users
PreviousOU : OU=Users,OU=IT,DC=contoso,DC=com
MovedTo : OU=Disabled Users,DC=contoso,DC=com
HomeFolderArchived : True
Status : Offboarded
Date : 2026-02-15 14:30
HTML Report:
See Samples/sample-report.html for an example of the audit report output.
# Copy to a module path
Copy-Item -Path .\AD-UserLifecycle -Destination "$env:USERPROFILE\Documents\PowerShell\Modules\" -Recurse
# Or import directly
Import-Module .\AD-UserLifecycle.psd1- PowerShell 5.1+
- ActiveDirectory module (RSAT)
- Permissions: create/modify users in target OUs, read template accounts
- (Optional) Write access to archive file share for home folder archival
See Templates/NewHires-Template.csv:
FirstName,LastName,Template,Department,Title,OfficePhone,Email
Jane,Smith,Template.IT,Information Technology,Systems Administrator,555-0101,jsmith@contoso.com
Bob,Jones,Template.HR,Human Resources,HR Coordinator,555-0102,bjones@contoso.com
- Template-based provisioning -- new users inherit OU placement, group memberships, and address properties from a designated template account. This ensures consistency across departments.
- SAMAccountName generation -- automatically creates
lastnamefirstinitialformat and handles collisions (smithj,smithj2, etc.) - Offboarding is a single command -- disable, reset password, strip groups, update description, hide from GAL, archive home folder, and move to Disabled OU. Every action logged to transcript for audit.
- -WhatIf on everything destructive -- preview any operation before it runs.
ConfirmImpact = 'High'on offboarding forces confirmation by default. - Transcript logging -- every provisioning and offboarding session writes a timestamped log file for compliance evidence.
AD-UserLifecycle/
├── AD-UserLifecycle.psd1 # Module manifest
├── AD-UserLifecycle.psm1 # Root module (auto-loads Public/Private)
├── Public/
│ ├── New-ADUserFromTemplate.ps1 # User provisioning
│ ├── Disable-DepartedUser.ps1 # Offboarding workflow
│ └── Export-ADUserReport.ps1 # Audit reporting
├── Private/
│ ├── _New-RandomPassword.ps1 # Secure password generator
│ └── _New-HtmlReport.ps1 # HTML report builder
├── Templates/
│ └── NewHires-Template.csv # Sample bulk import CSV
├── Tests/
│ └── AD-UserLifecycle.Tests.ps1 # Pester tests
└── Samples/
└── sample-report.html # Example HTML report output
Invoke-Pester .\Tests\ -Output DetailedThis tool was built to solve real admin pain points. If you have ideas for improvement, find a bug, or want to suggest a feature:
- Open an issue on this repo — Issues
- Feature requests, bug reports, and general feedback are all welcome
- Pull requests are appreciated if you want to contribute directly
If you find this useful, check out my other tools at larro1991.github.io
MIT