This guide provides a PowerShell script to retrieve and display all Active Directory users who are not disabled. This is useful for administrators who need to manage and monitor user accounts in an Active Directory environment. The script can be customized to include additional properties or filter criteria as needed.
PowerShell Script to Retrieve Non-Disabled Active Directory Users
# Import the Active Directory module
Import-Module ActiveDirectory
# Retrieve all Active Directory users who are not disabled
$users = Get-ADUser -Filter {Enabled -eq $true}
# Display the users
$users
- Import-Module ActiveDirectory: This line imports the Active Directory module, which provides cmdlets for managing Active Directory objects.
- Get-ADUser: This cmdlet is used to retrieve Active Directory users. We specify a filter using the
-Filterparameter to narrow down the results. - {Enabled -eq $true}: This is the filter expression. We’re filtering users where the
Enabledproperty is equal to$true, meaning they are not disabled. Active Directory stores user account status in theEnabledproperty, where$trueindicates that the account is enabled and$falseindicates it’s disabled. - $users: This variable stores the result of the
Get-ADUsercmdlet, which contains all the Active Directory users that meet the specified filter criteria. - $users: Finally, we display the users by outputting the contents of the
$usersvariable.
By using these PowerShell commands, administrators can efficiently manage Active Directory users and ensure that they have up-to-date information on active accounts.
For an advanced version of this PowerShell Script that queries every Active Users in the Active Directory Domain and exports to CSV, Checkout this link