Archiving user folders with powershell


I am currently working on a project with PowerShell to help clean up and save space on our server. I work in a secondary school and we have over 1000 users at our location. I have created a script to create a folder for each user in a location and give only that user and myself access to the folder for them to store their work and general documents on our NAS. The problem I am going to be running into in the future, though, is that I don't have a way of archiving their folders yet when the student leaves the school, so in a few years' time there is going to be an issue of having only 1000 users, but 2000+ personal folders created, many of which can be archived for a period of time and then deleted to save space on the NAS. The script I have created to generate their folders is below (I have redacted the AD group names and server locations for privacy):

Import-Module ActiveDirectory
Import-Module NTFSSecurity

# Members of the (redacted) user group
$ADUsers = Get-ADGroupMember -Identity "*user AD Group*"
ForEach ($ADUser in $ADUsers)
{
    # One folder per user, named after the sAMAccountName
    $userfolder = "*Server location*\$($ADUser.sAMAccountname)"
    New-Item -ItemType Directory -Path $userfolder

    # Stop inheriting permissions, give the user full control, remove the group's access
    Get-Item $userfolder | Disable-NTFSAccessInheritance
    Get-Item $userfolder | Add-NTFSAccess -Account $ADUser.sAMAccountname -AccessRights FullControl
    Get-Item $userfolder | Remove-NTFSAccess -Account "*user AD Group*" -AccessRights FullControl
}

This works fine for the folder creation, but I am trying to find a way to archive the user folders of students that have left. I have an idea of creating a CSV file by getting the current usernames from the AD group, then comparing them with the folders in the directory created by the script and have all matching folders stay, but all folders that don't appear in the CSV file to be moved to another location for archiving. However, I am not sure if this is the best way to do it or if I am overlooking a solution that is already in place for this type of thing. Getting a list of users that have left is difficult because they just disappear from the system; I just have a list of current users.

I am currently trying to do this using CSV files. My thinking is to do something like this:

# CSV of the current members of the (redacted) user group
Get-ADGroupMember -Identity "*user AD Group*" | Select-Object samaccountname | Export-Csv -Path "*server location*\user test csv.csv"

# CSV of the folder names that exist on the share
Get-ChildItem "*server location*" | Select-Object PSChildName | Export-Csv -Path "*server location*\folder list.csv"

# Append both CSV files into one combined file
New-Item -ItemType File -Path "*server location*\combined_files.csv" -Force
Get-Content "*server location*\user test csv.csv", "*server location*\folder list.csv" | Add-Content "*server location*\combined_files.csv"

The above script creates a CSV file of user's SamAccountNames and a CSV file of folder names that were created by the first script and merges the two CSV files together, creating a new csv file that looks like

a
a
b
c
c
d

But I can't figure out how to remove all entries that are duplicated to leave just the unique entries so the new CSV looks like this

b
d

So that I can use this new CSV file to move all the folders contained within to the new folder location for archiving.

Is my thinking correct that this is the best way to do this? Or is there another better way to skin this cat?

There are 1 best solutions below

ThrowAway On

So I have managed to figure out a solution to what I wanted to do and I have posted the script below for anyone else looking for a way to solve the problem. The basic logic is this

  1. Create a CSV file of the users that exist in AD
  2. Create a CSV file of the folders that have been created over time
  3. Compare the 2 files together and remove the current users from the list of folders leaving you with a list of folder names that belong to people who have left the site and save as a text file
  4. A little clean up by removing the 2 CSV files that were generated to create the txt file
  5. Do some editing to the txt file to remove the quotation marks that are generated from the formatting of the CSVs
  6. Create a new directory for archiving purposes if you don't already have a suitable location
  7. Loop through the folders and move the folders with the corresponding usernames from the txt file to the new location

I have redacted server locations, AD groups etc., but the script will still work once you put your information in there.

#This creates a CSV file of all the users that are members of the AD Group
Get-ADGroupMember -Identity "*ADGroup*" | Select-Object samaccountname | Export-Csv -Path "*CSV File Location*" -NoTypeInformation

#This creates a CSV file of all the folders that have been generated over time for the use of a personal drive
Get-ChildItem "*Server location*" | Select-Object PSChildName | Export-Csv -Path "*CSV File Location*" -NoTypeInformation

#This compares the 2 CSV files together, and removes names in the current user list CSV from the Current User Folder list CSV
#and creates a text file that only contains the names of the folders of users who are no longer in AD and are assumed to have left the site
#$disabledUsers is read from the current user CSV; $enabledUsers is read from the folder list CSV (header row skipped)
$disabledUsers = Get-Content -Path "*CSV File Location*"
$enabledUsers = Get-Content -Path "*CSV File Location*" | Select-Object -Skip 1 | ForEach-Object {
    if ($_ -notin $disabledUsers) { $_ }
}
Set-Content -Path "*Text File location*" -Value $enabledUsers


#This is just to perform a little clean up of the CSV files as they are no longer needed
Remove-Item -Path "*CSV File Location*"
Remove-Item -Path "*CSV File Location*"


#This removes the quotations that are created from converting the CSV files to a text file
(Get-Content "*Text File location*" -Encoding UTF8) | ForEach-Object {$_ -replace '"',''} | Out-File "*Text File location*" -Encoding UTF8

#This creates the new folder to store the user folders for archiving
New-Item -ItemType Directory -Path "*New Archive Folder Location*"

#This is the loop that then goes through the text file that contains all the users that no longer exist in the system
#and moves their folders to the archive location
$Userlist = Get-Content "*Text File location*" -Encoding UTF8
ForEach ($user in $Userlist)
{
    Move-Item -Path "*server Location*$user" -Destination "*Archive Location*"
}
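
The comparison the question asks for (keep only the folder names that have no matching member in the AD group) can also be done in memory as a set difference, without the intermediate CSV and text files. The block below is an added example, not the poster's script; the group name, both paths and the 50% threshold are placeholder assumptions. It aborts when the AD query fails or returns nothing, because an empty user list would otherwise flag every folder for archiving.

```powershell
# Added example, not the poster's script. $Group, $HomeRoot and $ArchiveRoot
# are placeholder values (assumptions); replace them with your own.
Import-Module ActiveDirectory

$Group       = 'PLACEHOLDER-UserGroup'
$HomeRoot    = '\\PLACEHOLDER-NAS\Home'
$ArchiveRoot = '\\PLACEHOLDER-NAS\Archive'

function Get-OrphanedFolderName {
    # Returns the folder names that have no matching account name.
    param([string[]]$FolderName, [string[]]$CurrentUser)
    # Case-insensitive set: sAMAccountName and NTFS names both ignore case.
    $current = [System.Collections.Generic.HashSet[string]]::new(
        $CurrentUser, [System.StringComparer]::OrdinalIgnoreCase)
    $FolderName | Where-Object { -not $current.Contains($_) }
}

# -ErrorAction Stop: a failed AD query must end the run instead of looking
# like "the group has no members".
$users = @(Get-ADGroupMember -Identity $Group -ErrorAction Stop |
    Select-Object -ExpandProperty SamAccountName)
if ($users.Count -eq 0) { throw "Group '$Group' returned no members; refusing to archive." }

# -Directory skips loose files such as leftover CSV or text lists.
$folders = @(Get-ChildItem -LiteralPath $HomeRoot -Directory -ErrorAction Stop |
    Select-Object -ExpandProperty Name)
$orphans = @(Get-OrphanedFolderName -FolderName $folders -CurrentUser $users)

# Sanity limit (assumed threshold): stop if more than half the folders would move.
if ($orphans.Count -gt ($folders.Count / 2)) {
    throw "$($orphans.Count) of $($folders.Count) folders flagged; check the group first."
}

if (-not (Test-Path -LiteralPath $ArchiveRoot)) {
    New-Item -ItemType Directory -Path $ArchiveRoot | Out-Null
}
foreach ($name in $orphans) {
    # -WhatIf only prints what would be moved; remove it after reviewing the output.
    Move-Item -LiteralPath (Join-Path $HomeRoot $name) -Destination $ArchiveRoot -WhatIf
}
```

Moving a folder keeps the explicit NTFS entries set by the creation script, so access to the archive is governed by those entries until they are changed.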