SharePoint – PowerShell Script to Remove Users from Site Collection

Site collections still have users that have been either disabled in or deleted from Active Directory. SharePoint has nothing out of the box that will clean these up. The reason to clean these users up is to keep them from appearing in people picker results when they should not be showing up. I have two scripts that will clean these users up. This is something you will want to test first, since this is a delete function (leave $RemoveUsers = $false).

WARNING: This will remove users from site collections. This will remove their alerts, personal views, unique permissions, etc. The only way to revert is to restore the site collection or content database from backup.

Just a bit of information about your site…

This script does require some modification to tailor it for your environment. The service account is needed even if it’s the local domain. It was designed this way so you can use the script for sites that have users from different domains. As stated above, $RemoveUsers is the switch that makes the script remove the users that were not found in Active Directory. By default, this is set to $false. After everything is set, run “GetUsers”.

CSV is created.

The CSV will be created if any users in the site collections are no longer in Active Directory or are disabled. Review it before feeding it through the second script: there might be some false positives, or you may just want to remove a few entries. The second script is more straightforward, since it takes that CSV and removes each user from the URL specified in the CSV. I would recommend backing up the content database(s) that could be affected by this script. DeletedADUsersFromsites1.1.ps1 can be downloaded here
The second script can be downloaded here.
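
One way to add a last safety check before the removal step, as an added example (not the code of either downloadable script): it re-checks each CSV row against Active Directory and only simulates the removal until $RemoveUsers is set to $true. The column names SiteUrl and LoginName, the CSV path and the keep-list are assumptions, and it queries only the current domain with the caller's credentials.

```powershell
# Added example. Column names (SiteUrl, LoginName), the CSV path and the
# keep-list are assumptions, not taken from the downloadable scripts.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue
Import-Module ActiveDirectory

$CsvPath     = 'C:\Temp\ReviewedUsers.csv'   # hypothetical path to the reviewed CSV
$RemoveUsers = $false                        # $false = dry run, nothing is deleted
$KeepList    = @('CONTOSO\svc_spfarm')       # constructed sample: never remove these

foreach ($row in Import-Csv -Path $CsvPath) {
    # Strip a claims prefix such as "i:0#.w|" to get DOMAIN\user
    $account = $row.LoginName -replace '^.*\|', ''
    if ($KeepList -contains $account) {
        Write-Host "SKIP (keep-list): $account"
        continue
    }

    # Re-check AD at removal time; the report may be days old
    $sam = $account -replace '^.*\\', ''
    try {
        $adUser = Get-ADUser -Filter "SamAccountName -eq '$sam'" -ErrorAction Stop
    } catch {
        # A failed lookup is not proof the account is gone: do not remove
        Write-Warning "SKIP (AD lookup failed): $account"
        continue
    }
    if ($adUser -and $adUser.Enabled) {
        Write-Host "SKIP (enabled in AD again): $account"
        continue
    }

    # With $RemoveUsers = $false, -WhatIf only reports what would be removed
    Remove-SPUser -Identity $row.LoginName -Web $row.SiteUrl `
        -Confirm:$false -WhatIf:(-not $RemoveUsers)
}
```

Run it once with $RemoveUsers = $false and compare the "What if" lines with the reviewed CSV before switching it to $true.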
