操作AD内用户，powershell半自动化执行

最近公司离职人员有的频繁，所以写了powershell来进行半自动化执行。后期空了再优化下，powershell定时读数据库字段，自动执行

废话不多说了，看代码，注释是英文我就不改了

##########################
# Author:rp722
#
# 
##########################

#$user is the user login ID xxx
$user="xxx"

#backup user‘s gourp name to txt file 
Get-ADPrincipalGroupMembership $user | Select-Object Name >C:\Script\$user.txt

#get user‘s  groups DN name
$groups=(get-aduser $user -properties memberof).memberof

#remove user from each group
foreach($gp in $groups)
{
   remove-adgroupmember -Identity $gp -Members $user -Confirm:$false
}

#set user Description
get-aduser $user|set-aduser -Description "User has left company"

#Move user
get-aduser -Identity $user|Move-ADObject -TargetPath "OU=Disabled,OU=Common,DC=domain,DC=net"

#Disable user
get-aduser -Identity $user|Disable-ADAccount