# Ps1 script to disable/enable user accounts with schedule sheet
cls
Import-Module ActiveDirectory

$OU = "OU=yourOU, DC=yourdomain, DC=com" 
$groupDomainAdmin = "Domain Administrators"
$fileData ="D:\Scripts\ADUserManager\data.txt"
$fileLog = "D:\Scripts\ADUserManager\report.log"
$codePage = "Unicode"
$report = $null


function ExecDataFile()
{  
   try 
   {      	  
      $report = (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; Start Process" | Out-File -FilePath $fileLog -Append -Encoding $codePage            
      $arrAccountToControl = @() 
         
      if (Test-Path $fileData)  
      {	 
         $arrFile = Get-Content $fileData -Encoding $codePage      
         $intRow = 1   
	 foreach ($line in $arrFile) 
	 {                
            if ($line -eq $null) 
	    { 
	       break 
	    }            			
	    $arrLine = $line.split(";")
            $name = $arrLine[0] 
            $samAccountName = $arrLine[1] 
	    $sid = $arrLine[2] 
            $dtStart = $arrLine[3] 
	    $dtEnd = $arrLine[4] 
	    $enabled = $arrLine[5] 	  		         
	  	  
	    $dateNow = Get-Date            		  			
	    $dateStart = $null
            $dateEnd = $null
	    $accountStatus = $null	       
        
	    if (($dtStart -ne '') -and ($dtStart -ne $null)) 
    	    {		   
	       $dateStart = [datetime]::ParseExact($dtStart,"yyyy-M-dd",$null)
  	       if (($dateStart -ne $null) -and ($dateStart -le $dateNow)) 
	       {
	          $accountStatus = "Disabled"
   	       }
	       else 
    	       {
	          $accountStatus = "Waiting"
	       }		   			   
	    }
	              
	    if (($dtEnd -ne '') -and ($dtEnd -ne $null)) 
    	    {		           			   
	       $dateEnd = [datetime]::ParseExact($dtEnd,"yyyy-M-dd",$null) 	           			   			   
	       $dateEnd= $dateEnd.AddDays(1)
	       if (($dateEnd -ne $null) -and ($dateEnd -lt $dateNow)) 
	       {			   
	          $accountStatus = "Enabled"	          
	       }
	       else 
               {
	          if ($accountStatus -eq $null) 
	          {
		     $accountStatus = "Disabled"
		  }
	       }
	    }
	    if ($accountStatus -ne $null) 
            {	
               try 
	       {
	          $objADUserControl = Get-ADUser -Identity $sid						   
      	       }
	       catch [Exception]  
               {  
	          $report = (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; " + $name + "; " + $samAccountName + "; "`
		  + $sid + "; " + $dtStart + "; " + $dtEnd + "; " + "User not found in AD" `
		  | Out-File -FilePath $fileLog -Append -Encoding $codePage     		                 	             
	          continue;
	       }
	       if ($objADUserControl -ne $null ) 
               {
	          $accountEnabled = $objADUserControl.Enabled			
	       }	

	       if ($accountStatus -eq "Disabled") 
	       {
	          $arrAccountToControl += ,($name, $samAccountName, $sid, $dtStart, $dtEnd, "Disabled")			           	
		  if ($accountEnabled -eq $true)
        	  {				  				     
	             Set-ADUser -Identity $sid -Enabled $false
		     $report = (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; " + $name + "; " + $samAccountName + "; "`
		     + $sid + "; " + $dtStart + "; " + $dtEnd + "; " + $accountStatus `
		     | Out-File -FilePath $fileLog -Append -Encoding $codePage     		                 	             
	          }
      	       }

	       if ($accountStatus -eq "Waiting") 
	       {
	          $arrAccountToControl += ,($name, $samAccountName, $sid, $dtStart, $dtEnd, "Waiting")			 
		  if ($accountEnabled -eq $false)
                  {				  				     
	             $asd = Set-ADUser -Identity $sid -Enabled $true							  
		     $report = (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; " + $name + "; " + $samAccountName + "; "`
		     + $sid + "; " + $dtStart + "; " + $dtEnd + "; " + $accountStatus | Out-File `
		     -FilePath $fileLog -Append -Encoding $codePage     		                 	             
		  }		          
	       }

	       if (($accountStatus -eq "Enabled") -and ($accountEnabled -eq $false))
	       {			   	  	        
                  Set-ADUser -Identity $sid -Enabled $true							  
		  $report = (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; " + $name + "; " + $samAccountName + "; "`
		  + $sid + "; " + $dtStart + "; " + $dtEnd + "; " + $accountStatus | Out-File `
		  -FilePath $fileLog -Append -Encoding $codePage
		  $dtStart = $null
   		  $dtEnd = $null		          
               }
	    }
	    $intRow++ 	  	  
	 } 
      } 
   

      $arrADUser = Get-ADUser -Filter * -SearchBase $OU -searchscope Subtree -Properties Name, SamAccountName, Sid, Enabled, MemberOf | Sort-Object Name      
      if ($arrADUser.Count -gt 0)
      {
         Clear-Content $fileData
      }

      $intRow = 1	  
      foreach ($objADUser in $arrADUser) 
      {
         if ( $objADUser.MemberOf -match $groupDomainAdmin) 
       	 {
	    continue
	 }		 
	 $line = $objADUser.Name + ";" + $objADUser.SamAccountName + ";" + $objADUser.Sid.Value + ";"
	 $i = 0		 
	 foreach ($tmp in $arrAccountToControl) 
	 {         
 	    if ($objADUser.Sid.Value -eq  $arrAccountToControl[$i][2]) 
	    {		    			   
	       $line += $arrAccountToControl[$i][3]
	    }
	    $i++
	 }		 
	 $line += ";"		   	  	    
	 $i = 0
	 foreach ($tmp in $arrAccountToControl) 
	 {         
	    if ($objADUser.Sid.Value -eq  $arrAccountToControl[$i][2]) 
            {		    
	       $line += $arrAccountToControl[$i][4]		       
	    }
	    $i++
	 }
	 $line += ";"
	 	          
	 if ($objADUser.Enabled -eq $false ) 
	 {		 
	    $line += "Disabled"		
	 }
	 $line += ";"		     
	 $line | Out-File -FilePath $fileData -Append -Encoding $codePage		 
         $intRow++ 
      }       
   }  
   catch [Exception]  
   {       	  
      $report = (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; Error! Description:" | Out-File -FilePath $fileLog -Append -Encoding $codePage
      $_ | Out-File -FilePath $fileLog -Append -Encoding $codePage
      $_ | Format-List -Property * -Force | Out-File -FilePath $fileLog -Append -Encoding $codePage
      return	  	  
   }
   finally 
   {   
      (Get-Date -uformat "%Y-%m-%d %H:%M:%S") + "; End Process" | Out-File -FilePath $fileLog -Append -Encoding $codePage	  
   }
}

ExecDataFile