PowerShell

Active Directory: Find orphaned (unused) User Accounts with PowerShell

By on ( 2 Comments )

This short blog post will show you how you can find orphaned user accounts in Active Directory that may no longer be in use. Let’s go.

Code

Here is an example screen of the code.

Copy the lines below to PowerShell ISE or Visual Studio Code and run it. The Code will retrieve all user accounts that have not been logged on to the domain for 365 days.

Note that you may need to edit line 2 to suit your needs. Enter the days you want to calculate back.

# Calculate back x days from today
$date = (Get-Date).AddDays(-365)

# Retrieve users
Get-ADUser `
-Filter 'lastlogondate -le $date' `
-Properties LastLogonDate |
Select-Object Name,LastLogonDate

Mission accomplished.

Categories: PowerShell, Windows Server

Tagged as: , , ,

Published by Patrick Gruenauer

Microsoft MVP on PowerShell [2018-2024], IT-Trainer, IT-Consultant, MCSE: Cloud Platform and Infrastructure, Cisco Certified Academy Instructor.

2 replies »

  2. Hi Patrick,

    doesn’t work if you have more than one Domain-Controller.
    You only get the answer/result from the DC you are currently logged on . . . .

    Greets
    Tom

    Liked by 1 person

    Reply

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.