Backup/_NDGOV_WindowsTeam/ITD.Infra-ActiveDirectory.Object/Public/Disable-ITDADUser.ps1

function Disable-ITDADUser
{
    [CmdletBinding()]
    Param
    (
        [string]
        $Identity,

        [PSCredential]
        $Credential
    )

    Begin
    {
        Write-Verbose "Validate credentials, stop script if invalid."
        If($Credential -eq "" -or $Credential -eq $null)
        {
            $Credential = Get-Credential -Message "Enter domain/OU administrator credentials.  User name must be entered as a SAMAccountName (DOMAIN\username) or as a User Principal Name (username@domain.com)" -UserName $Credential
            If($Credential -eq "" -or $Credential -eq $null)
            {
                Write-Warning "credentials missing - stopping script"
                break
            }
            If((Test-ADCredential -Credential $Credential -ErrorAction Stop) -eq $false)
            {
                Write-Warning "Invalid credentials or locked account."
                break
            }
        }
        Import-Module ActiveDirectory
    }
    Process
    {
        $OUdestination = "OU=DisabledAccounts,OU=USERS,OU=ITD,DC=ND,DC=GOV"
        ForEach($username in $Identity)
        {
            
            Write-Verbose "[$Username]:Processing"
            $object = Get-ADUser -Identity $username
            Write-Verbose "[$Username]:Disabling Object"
            $object | Set-ADuser -Enabled $false -Credential $Credential
            Write-Verbose "[$Username]:Moving Object"
            $object | Move-ADObject -TargetPath $OUdestination -Credential $Credential
        }
    }
    End
    {
    }
}