
Remove-ServiceAccount

Users: Removes an Active Directory service account

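# Removes an Active Directory service account found under the given OU.
#
# Every AD call targets the domain's PDC emulator so that the lookup and the
# removal observe the same replica. When a $DomainAccount is supplied (the
# "Remote Jumphost" parameter set) it is used for the lookup AND the removal;
# previously only the lookups were authenticated with it.
#
# Parameters:
#   OUPath        - distinguished name of the OU used as SearchBase
#   AccountName   - SamAccountName or DistinguishedName of the account
#   DomainAccount - credential for the AD calls (mandatory on a jumphost)
#   DomainName    - domain to resolve; the local computer's domain if empty
#   SearchScope   - Base, OneLevel or SubTree (default SubTree)
#   AuthType      - Basic or Negotiate (default Negotiate)
# Exit code: 0 on success, 1 on any error (reported via Write-Error).
param(
	[Parameter(Mandatory = $true, ParameterSetName = "Local or Remote DC")]
	[Parameter(Mandatory = $true, ParameterSetName = "Remote Jumphost")]
	[string]$OUPath,

	[Parameter(Mandatory = $true, ParameterSetName = "Local or Remote DC")]
	[Parameter(Mandatory = $true, ParameterSetName = "Remote Jumphost")]
	[string]$AccountName,

	[Parameter(Mandatory = $true, ParameterSetName = "Remote Jumphost")]
	[PSCredential]$DomainAccount,

	[Parameter(ParameterSetName = "Local or Remote DC")]
	[Parameter(ParameterSetName = "Remote Jumphost")]
	[string]$DomainName,

	[Parameter(ParameterSetName = "Local or Remote DC")]
	[Parameter(ParameterSetName = "Remote Jumphost")]
	[ValidateSet('Base', 'OneLevel', 'SubTree')]
	[string]$SearchScope = 'SubTree',

	[Parameter(ParameterSetName = "Local or Remote DC")]
	[Parameter(ParameterSetName = "Remote Jumphost")]
	[ValidateSet('Basic', 'Negotiate')]
	[string]$AuthType = "Negotiate"
)

try {
	Import-Module ActiveDirectory -ErrorAction Stop

	# Arguments shared by every AD cmdlet below: fail fast and use the
	# requested auth type. Credential is only added when the caller supplied
	# one; otherwise the current identity is used.
	[hashtable]$cmdArgs = @{
		'ErrorAction' = 'Stop'
		'AuthType'    = $AuthType
	}
	if ($null -ne $DomainAccount) {
		$cmdArgs.Add("Credential", $DomainAccount)
	}

	# Resolve the domain: the local computer's domain when no name is given.
	[hashtable]$domainArgs = $cmdArgs.Clone()
	if ([System.String]::IsNullOrWhiteSpace($DomainName)) {
		$domainArgs.Add("Current", 'LocalComputer')
	} else {
		$domainArgs.Add("Identity", $DomainName)
	}
	$Domain = Get-ADDomain @domainArgs

	# From here on, pin lookup and removal to the same DC.
	$cmdArgs.Add("Server", $Domain.PDCEmulator)

	# The filter is single-quoted on purpose: the AD filter parser resolves
	# $AccountName itself, so a quote or operator inside the account name
	# cannot alter the query the way double-quoted interpolation would.
	[hashtable]$getArgs = $cmdArgs.Clone()
	$getArgs.Add("SearchBase", $OUPath)
	$getArgs.Add("SearchScope", $SearchScope)
	$getArgs.Add("Filter", 'SamAccountName -eq $AccountName -or DistinguishedName -eq $AccountName')

	# Force an array so that zero, one and many results are handled uniformly.
	$srv = @(Get-ADServiceAccount @getArgs)

	if ($srv.Count -eq 0) {
		throw "Service account '$AccountName' not found in OU '$OUPath'"
	}
	if ($srv.Count -gt 1) {
		# Refuse to guess: deleting the wrong account is not recoverable.
		throw "Identifier '$AccountName' matches $($srv.Count) service accounts in OU '$OUPath'; use the DistinguishedName."
	}

	# Same Server/AuthType/Credential as the lookup, no interactive prompt.
	Remove-ADServiceAccount -Identity $srv[0] -Confirm:$false @cmdArgs
	Write-Output "Service account '$AccountName' deleted successfully."
} catch {
	Write-Error $_
	exit 1
}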

Specifies the Active Directory path (OU).

SAMAccountName or DistinguishedName of the service account.

Active Directory Credential for remote execution without CredSSP.

Name of the Active Directory Domain.

Specifies the scope of the search (Base, OneLevel, SubTree).

Specifies the authentication method to use (Basic or Negotiate).
