Blog Post Title One

# Requires: ActiveDirectory module (RSAT or on a DC)

Import-Module ActiveDirectory -ErrorAction Stop

while ($true) {

$upn = Read-Host "Enter user UPN (user@domain.com) or press Enter to quit"

if ([string]::IsNullOrWhiteSpace($upn)) {

Write-Host "No UPN entered. Exiting."

break

}

# Look up the user by UPN

$user = Get-ADUser -Filter "UserPrincipalName -eq '$upn'" -Properties DisplayName,Description

if (-not $user) {

Write-Host "User '$upn' not found in Active Directory." -ForegroundColor Yellow

# Per your spec: return to the cmd line (end script)

break

}

Write-Host "Found user: $($user.SamAccountName)"

Write-Host "Display Name: $($user.DisplayName)"

Write-Host ""

# Confirm enable

while ($true) {

$answer = Read-Host "Are you sure you want to enable this user? (Y/N)"

if ([string]::IsNullOrWhiteSpace($answer)) {

continue

}

$answer = $answer.Trim().ToUpper()

if ($answer -eq 'Y') {

$oldDescription = $user.Description

if ($null -eq $oldDescription) { $oldDescription = "" }

# Remove ONLY the leading: "Disabled - mm/dd/yy - " (from the beginning)

$newDescription = ($oldDescription -replace '^(?i)Disabled\s*-\s*\d{2}/\d{2}/\d{2}\s*-\s*', '').Trim()

try {

Enable-ADAccount -Identity $user.DistinguishedName

Set-ADUser -Identity $user.DistinguishedName -Description $newDescription

Write-Host "User '$upn' has been enabled."

Write-Host "New Description: $newDescription"

}

catch {

Write-Host "Error enabling user or setting description: $($_.Exception.Message)" -ForegroundColor Red

}

break

}

elseif ($answer -eq 'N') {

Write-Host "User '$upn' was NOT enabled. Returning to user prompt..."

break

}

else {

Write-Host "Please enter Y or N."

}

}

# Loop back and ask for another UPN

}