.png)
Search-ADAccount
Applies To: Windows Server 2012
Search-ADAccount
Syntax
Search-ADAccount [ <CommonParameters>]
Detailed Description
The Search-ADAccount cmdlet retrieves one or more user, computer, or service accounts that meet the criteria specified by the parameters. Search criteria include account and password status. For example, you can search for all accounts that have expired by specifying the AccountExpired parameter. Similarly, you can search for all accounts with an expired password by specifying the PasswordExpired parameter. You can limit the search to user accounts by specifying the UsersOnly parameter. Similarly, when you specify the ComputersOnly parameter, the cmdlet only retrieves computer accounts.
Some search parameters, such as AccountExpiring and AccountInactive use a default time that you can change by specifying the DateTime or TimeSpan parameter. The DateTime parameter specifies a distinct time. The TimeSpan parameter specifies a time range from the current time. For example, to search for all accounts that expire in 10 days, specify the AccountExpiring and TimeSpan parameter and set the value of TimeSpan to "10.00:00:00". To search for all accounts that expire before December 31, 2012, set the DateTime parameter to "12/31/2012".
Parameters
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters.
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
- None
Outputs
The output type is the type of the objects that the cmdlet emits.
-
Microsoft.ActiveDirectory.Management.ADAccount
Returns one or more account objects that meet the conditions set by the parameters.
Examples
-------------------------- EXAMPLE 1 --------------------------
Description
-----------
Returns all users, computers and service accounts that are disabled.
C:\PS>Search-ADAccount -AccountDisabled | FT Name,ObjectClass -AName ObjectClass---- -----------Guest userkrbtgt userkrbtgt_51399 userAmyAl-LPTOP computerDeepakAn-DSKTOP computer
-------------------------- EXAMPLE 2 --------------------------
Description
-----------
Returns all users that are disabled.
C:\PS>Search-ADAccount -AccountDisabled -UsersOnly | FT Name,ObjectClass -AName ObjectClass---- -----------Guest userkrbtgt userkrbtgt_51399 user
-------------------------- EXAMPLE 3 --------------------------
Description
-----------
Returns all users, computers and service accounts that are expired.
C:\PS>Search-ADAccount -AccountExpired | FT Name,ObjectClass -AName ObjectClass---- -----------Greg Chapman userClaus Hansen userTomasz Bochenek user
-------------------------- EXAMPLE 4 --------------------------
Description
-----------
Returns all users, computers and service accounts that will expire in the next 6 days.
C:\PS>Search-ADAccount -AccountExpiring -TimeSpan 6.00:00:00 | FT Name,ObjectClass -AName ObjectClass---- -----------Iulian Calinov userJohn Campbell userGarth Fort user
-------------------------- EXAMPLE 5 --------------------------
Description
-----------
Returns all accounts that have been inactive for the last 90 days.
C:\PS>Search-ADAccount -AccountInactive -TimeSpan 90.00:00:00 | FT Name,ObjectClass -AName ObjectClass---- -----------FABRIKAM-RODC1 computerGuest userkrbtgt userkrbtgt_51399 userAlmudena Benito userAaron Con userAdina Hagege userAaron Nicholls userAaron M. Painter userJeff Phillips userFlemming Pedersen use
-------------------------- EXAMPLE 6 --------------------------
Description
-----------
Returns all accounts where the password has expired.
C:\PS>Search-ADAccount -PasswordExpired | FT Name,ObjectClass -AName ObjectClass---- -----------Stan Orme userDanni Ortman userMatej Potokar user
-------------------------- EXAMPLE 7 --------------------------
Description
-----------
Returns all accounts with a password that will never expire.
C:\PS>Search-ADAccount -PasswordNeverExpires | FT Name,ObjectClass -AName ObjectClass---- -----------Guest userToni Poe userAnders Riis userFabien Hernoux user
-------------------------- EXAMPLE 8 --------------------------
Description
-----------
Returns all accounts that have been locked out.
C:\PS>Search-ADAccount -LockedOut | FT Name,ObjectClass -AName ObjectClass---- -----------Toni Poe user
-------------------------- EXAMPLE 9 --------------------------
Description
-----------
Returns all disabled computer accounts.
C:\PS>Search-ADAccount -AccountDisabled -ComputersOnly | FT Name,ObjectClass -AName ObjectClass---- -----------TPOE-PC1 computer
-------------------------- EXAMPLE 10 --------------------------
Description
-----------
Returns all accounts which expire on the 18th of March, 2009.
C:\PS>Search-ADAccount -AccountExpiring -DateTime "3/18/2009" | FT Name,ObjectClass -AName ObjectClass---- -----------Anders Riis user
-------------------------- EXAMPLE 11 --------------------------
Description
-----------
Returns all users, computers and service accounts that are disabled in the LDS instance: "FABRIKAM-SRV1:60000".
C:\PS>Search-AdAccount -AccountDisabled -SearchBase "DC=AppNC" -Server "FABRIKAM-SRV1:60000"Enabled : FalseName : SanjayPatelUserPrincipalName :PasswordNeverExpires :LockedOut : FalseObjectGUID : d671de28-6e40-42a7-b32c-63d336de296dObjectClass : userSID : S-1-510474493-936115905-2231798853-1260534229-4171027843-767619944PasswordExpired : FalseLastLogonDate :DistinguishedName : CN=SanjayPatel,OU=AccountDeptOU,DC=AppNCAccountExpirationDate :
Related topics
