Here is a quick powershell command to find all users inside of your Active Directory domain that have been marked as disabled (this will exclude disabled computers):
Get-ADUser -Filter {Enabled -eq $false} | FT samAccountName
Additionally, you can specify which additional options you would like to show by change the filter table command we are piping the results to. For example, this command will show the samAccountName, first name, and last name of the disabled users.
Get-ADUser -Filter {Enabled -eq $false} | FT samAccountName, GivenName, Surname
If you want no formatting whatsoever and have AD spit a bunch of information back at you, try running just the Get-ADUser part with the filter applied.
Get-ADUser -Filter {Enabled -eq $false}
The following command below can be used to pull a list of disabled users and computers:
Search-ADAccount -AccountDisabled
Hi Jack,
thanks for that lovely website. I am trying to use you above command but need to drill a bit down to a specific ou other wise I will have tones of results. and can I make the query save my result into a text file?
Thanks and Regards,
Abbas
Hi abbas,
You can use the SearchBase parameter to set which OU you want. For example:
Get-ADUser -SearchBase "OU=MYOUHOLDINGTHEACCOUNTS,DC=MYDOMAIN,DC=COM" -Filter {Enabled -eq $false} | FT samAccountName
Hope this helps!
Jack
Hi,
how can i get the disabled date of the users.
Thanks.
Hi Imran,
The closest you could get would be the whenChanged attribute as I don't believe there is a specific attribute storing the date of the specific action of disabling the account.
Please see the following blog:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/2560e797-a929-4fe0-bfcb-8e7d850d865b/ad-users-disabled-date?forum=winserverDS
Jack