How to find disabled Active Directory User accounts

Posted on IT Expert By IT Expert No Comments on How to find disabled Active Directory User accounts
find disabled Active Directory User accounts

When the need arises to query (search) for disabled users in Active Directory in very large environments where there are a lot of organization units etc., there are few ways to go about it. This process is relatively very easy to find using the Active Directory Administrative Center. In this article, we will learn How to find disabled Active Directory User accounts. Please see how to detect who disabled a user in Active Directory, andWhat Happens if You Turn Off Your Computer During an Update.

Also, see the Concept of Active Directory Computer Account, how to use the built-in Azure Active Directory Connect tool, and how to query a list of installed programs in Windows.

Disable AD Accounts

To demonstrate this, I will proceed to disable some users in my test lab as shown below.

Active Directory

This will let you know that the object has been disabled as shown below

disabled user accounts

Now we have some users deleted as shown below.

user account search

Note: To mitigate against this process in the future, it is best practice to have a container created and dedicated for housing disabled users only. below are some procedures to achieve this

Find Active Directory Disabled Account via PowerShell

This will run the below cmdlets to return disabled accounts. This will display the list of disabled users with other user account parameters (attributes) as shown in the image below.

Search-ADAccount -AccountDisabled
Active Directory

To return only the username of disabled users, run the following cmdlets as shown below.

Get-ADUser -Filter {Enabled -eq $false} | FT samAccountName
user account search

Common Queries

I will be demonstrating this using the common queries. Open the “Active Directory User and Computer” console as shown below.

Click on Tools and select Active Directory User and Computer

find disabled Active Directory User accounts

Click on “Find an object in Active Directory Domain Services”. Please see how to query, stop and delete a service in Windows

Under the Find drop-down menu, select “Common Queries”. Select Disabled account, and click on Find now as shown below

This will display a list of disabled accounts in your Active Directory environment as shown below.

Via Saved Queries

The below steps are used in displaying disabled users in the Active Directory environment.

Launch the Active Directory User and Computer Console. Right-click on “Saved Queries”. Click on New, and click on Query

This will open the “New Query” properties window. Enter the Query name, and click on Define Query

Select Disabled Account and click on Ok

This will display a list of disabled accounts as shown below as a saved query.

Ensure you have a procedure in place to delete disabled accounts after a certain period in order not to have a messy Active Directory environment.

I hope you found this article useful in learning how to find disabled Active Directory User accounts. Please feel free to leave a comment below.

Rate this post
Windows Server Tags:, , , ,

Related Posts

More Related Articles

sql server installation How to Install all Editions of Microsoft SQL Server 2025 Oracle/MSSQL/MySQL
windows 10 s wallpaper 800x450 1 How to remove WDS role via the GUI and PowerShell Windows Server
Remove Desktop Desktop services How to Remove Remote Desktop Services Role on Windows Server Windows Server
Resolvederror MBAM MBAM Policy was detected: Verify the OU used for pre-deployment does not apply MBAM policy Windows Server
maxresdefault The following errors occurred attempting to join the domain: The specified domain either does not exist or could not be contacted Windows Server
How to Install Windows Admin Center on Windows 10 11​ Install Windows Admin Center on Windows 10 and Windows 11 Windows

Leave a Reply