article, I am going to write powershell script samples to list all AD Users who are inactive for particular days and export inactive AD users to CSV file.
Powershell command to list inactive AD Users by TimeSpan:
Search-ADAccount –AccountInactive -TimeSpan "Days.Hrs:Mins:Secs" -UsersOnly
Search-ADAccount lists both users and computers, we need to pass the parameter -UsersOnly to list only users.
Powershell command to list inactive AD Users by DateTime:
Search-ADAccount –AccountInactive -DateTime "1/10/2015" -UsersOnly
Summary
- Find Inactive AD Users by TimeSpan
- Find and List Inactive AD Users by DateTime
- Find Inactive AD Users from specific OU
- Export Inactive AD Users to CSV
Find Inactive AD Users by TimeSpan
The following command find AD users who are not logged in last 90 days by passing the parameters AccountInactive and TimeSpan into powershell cmdlet Search-ADAccount and list the selected properties of all inactive Active Directory users.
Import-Module ActiveDirectory Search-ADAccount –AccountInactive -TimeSpan 90.00:00:00 -UsersOnly | Select -Property Name,DistinguishedName,LastLogonDate
Find and List Inactive AD Users by DateTime
The following script find AD users who have not logged in since “1/8/2015” and list the selected properties of all inactive Active Directory users.
Import-Module ActiveDirectory Search-ADAccount –AccountInactive -DateTime "1/8/2015" -UsersOnly | Select -Property Name,DistinguishedName,LastLogonDate
Find Inactive AD Users from specific OU with Powershell
We can set target OU scope by using the parameter SearchBase in Search-ADAccount cmdlet. This following command select and list all the AD users who are not logged in last 90 days from the Organization Unit ‘TestOU‘.
Import-Module ActiveDirectory Search-ADAccount -SearchBase "OU=TestOU,DC=TestDomain,DC=Local" –AccountInactive -TimeSpan 90.00:00:00 -UsersOnly | Select -Property Name,DistinguishedName,LastLogonDate
Export Inactive AD Users to CSV with Powershell
We can export powershell output into CSV file using Export-CSV cmdlet. The following command export selected properties of all inactive Active Directory users to CSV file.
Import-Module ActiveDirectory Search-ADAccount –AccountInactive -TimeSpan 90.00:00:00 -UsersOnly | Select -Property Name,DistinguishedName,LastLogonDate | Export-CSV "C:\InactiveADUsers.csv" -NoTypeInformation -Encoding UTF8
CSV Output of Disabled AD User Accounts:
Is there a way to search using multiple OU's and export all of that data to a csv. I can get one OU to export just fine but can't find a way to do it for multiple OU's.