How to Retrieve Disabled Users and Computers in Active Directory and Export to CSV

By /

Featured Image
Whether you’re an IT Specialist or System Administrator, managing disabled accounts in Active Directory (AD) can be tedious. Instead of manually searching, you can automate the process with PowerShell commands to extract disabled users and computers and export them to a CSV file.

You Should Know:

1. Retrieve All Disabled Users in Active Directory

Run this PowerShell command to fetch all disabled user accounts:

Search-ADAccount -AccountDisabled -UsersOnly | Select-Object Name, SamAccountName, DistinguishedName | Export-Csv -Path "C:\Disabled_Users.csv" -NoTypeInformation
  1. Retrieve All Disabled Computers in Active Directory

To extract disabled computer accounts, use:

Search-ADAccount -AccountDisabled -ComputersOnly | Select-Object Name, SamAccountName, DistinguishedName | Export-Csv -Path "C:\Disabled_Computers.csv" -NoTypeInformation
  1. Combine Disabled Users and Computers into a Single CSV

If you need both in one file:

$DisabledUsers = Search-ADAccount -AccountDisabled -UsersOnly | Select-Object Name, SamAccountName, DistinguishedName 
$DisabledComputers = Search-ADAccount -AccountDisabled -ComputersOnly | Select-Object Name, SamAccountName, DistinguishedName 
$Combined = $DisabledUsers + $DisabledComputers 
$Combined | Export-Csv -Path "C:\All_Disabled_Accounts.csv" -NoTypeInformation
  1. Move Disabled Accounts to a Specific OU
    After exporting, move them to a designated OU (e.g., “Disabled_Accounts”):
$DisabledAccounts = Import-Csv -Path "C:\All_Disabled_Accounts.csv" 
foreach ($Account in $DisabledAccounts) { 
$DN = $Account.DistinguishedName 
Move-ADObject -Identity $DN -TargetPath "OU=Disabled_Accounts,DC=domain,DC=com" 
}

5. Verify the Move

Check if accounts were moved successfully:

Get-ADObject -Filter  -SearchBase "OU=Disabled_Accounts,DC=domain,DC=com" | Select-Object Name

What Undercode Say:

Managing disabled accounts manually is inefficient. Automating with PowerShell ensures accuracy and saves time. Regularly audit disabled accounts to maintain AD hygiene.

Expected Output:

  • A CSV file containing all disabled users and computers.
  • All disabled accounts moved to a dedicated OU.
  • Verification logs confirming successful execution.

Prediction:

As organizations grow, AD management will increasingly rely on automation. Expect more AI-driven AD cleanup tools in the future.

References:

Reported By: Shamseer Siddiqui – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 Telegram

Related Posts: