“User Accounts”

Ever wondered what user accounts exist in your Windows Domain and better still which of these accounts are Enabled or Disabled. Well here is a great way to find out, the Powershell script below will allow you to easily retireve a list of all the user accounts on your domain when run from a domain controller.

Get-WmiObject Win32_UserAccount -filter “LocalAccount=False” | Select-Object Name,Disabled

Below we have another almost identical script but this one has the added benefit of showing if a user account has been locked out, for instance a user may have exceeded the maximum number of failed logins or a hacker may have been trying to brute force a user account. As you can see this is achieved by just adding ,Lockout to the end of the script to query the account status.

Get-WmiObject Win32_UserAccount -filter “LocalAccount=False” | Select-Object Name,Disabled,Lockout

These scripts can be used in conjunction with your server monitoring software, such as GFI Max Remote Management.

Aid In IT

Tag Archives: “User Accounts”

Powershell Script to List Active Directory User Accounts along with Disabled and Lockout Status

IT – Software and Hardware Support Resources