$date = $(get-date).AddDays(90).ToString("dd/MM/yyyy")
$sam = Read-Host 'Account name to disable (For example: Firstname.lastname)'
# Get the properties of the account and set variables
$user = Get-ADuser $sam -properties canonicalName, distinguishedName, displayName, mailNickname, Description
$dn = $user.distinguishedName
$cn = $user.canonicalName
$din = $user.displayName
$UserAlias = $user.mailNickname
$desc = $user.Description
#COMMENTED OUT FOR TESTING
# Changes Description
Set-ADUser $dn -Description ($desc + " PENDING 90 DAY DELETION ON " + $date )
# Strip the permissions from the account
Get-ADPrincipalGroupMembership -Identity $sam | Where-Object {$_.Name -notin "Domain Users","office-license"} | ForEach-Object {$_ | Remove-ADGroupMember -Member $sam -Confirm:$false}
Give it a go, please