PowerShell

Active Directory: Find orphaned (unused) User Accounts with PowerShell

By on ( 2 Comments )

This short blog post will show you how you can find orphaned user accounts in Active Directory that may no longer be in use. Let’s go.

Code

Here is an example screen of the code.

Copy the lines below to PowerShell ISE or Visual Studio Code and run it. The Code will retrieve all user accounts that have not been logged on to the domain for 365 days.

Note that you may need to edit line 2 to suit your needs. Enter the days you want to calculate back.

# Calculate back x days from today
$date = (Get-Date).AddDays(-365)

# Retrieve users
Get-ADUser `
-Filter 'lastlogondate -le $date' `
-Properties LastLogonDate |
Select-Object Name,LastLogonDate

Mission accomplished.

Categories: PowerShell, Windows Server

Tagged as: , , ,

Published by Patrick Gruenauer

Microsoft MVP on PowerShell [2018-2023], IT-Trainer, IT-Consultant, MCSE: Cloud Platform and Infrastructure, Cisco Certified Academy Instructor.

2 replies »

  2. Hi Patrick,

    doesn’t work if you have more than one Domain-Controller.
    You only get the answer/result from the DC you are currently logged on . . . .

    Greets
    Tom

    Liked by 1 person

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.