How to search disabled accounts in Active Directory?

by Editorial Team | Dec 2, 2023 | Windows | 0 comments

search-disabled-ad-account

System administrators often need to locate disabled user accounts in Active Directory Users and Computers (ADUC) for auditing, cleanup, or reactivation purposes. Fortunately, ADUC provides built-in filters to perform this task efficiently using the graphical interface. This guide walks you through the steps using the built-in tools, complete with original screenshots.

Table of Contents

Step 1: Open Active Directory Users and Computers

Press Windows key + R to open the Run dialog.
Type dsa.msc and press Enter.

Launch ADUC via Run

Alternative Method:

Press Windows key and type Active Directory Users and Computers.
Select the app from the Start menu.

Launch ADUC from Start Menu

Step 2: Enable Advanced Features

Click on the View menu in ADUC.
Select Advanced Features to enable additional management tabs.

Enable Advanced Features in ADUC

This step is essential to access attributes like the Attribute Editor and view detailed account information.

Step 3: Perform a Search for Disabled Users

Right-click on the container or domain where you want to search.
Choose Find… from the context menu.

Access Find dialog in ADUC

In the Find Users, Contacts, and Groups window, click the Common Queries tab.
Select the appropriate domain in the In dropdown.
Check the box labeled Disabled accounts.
Click Find Now to execute the search.

Search results for disabled user accounts

Step 4: Review Search Results

The results pane will display all user accounts that match your filter criteria. You can scroll through and verify usernames, organizational units (OUs), and descriptions to identify inactive or decommissioned accounts.

Step 5: View and Confirm Account Properties

Double-click on a user account in the results list.
Go to the Account tab to confirm that “Account is disabled” is checked.

Tips and Best Practices

Use clear naming conventions when disabling accounts temporarily.
Document reasons for disabling accounts using the Description field.
Consider scheduling a quarterly review of disabled accounts for security hygiene.

Related Articles from MagnetClicks

Please note that the exact steps and options may vary slightly depending on your version of Active Directory Users and Computers. The key is to enable “Advanced Features” to access additional options and fields, and then use the “Find” feature to search for disabled user accounts.

← Previous Next →

Related Articles

How to Set Up Windows Hello for Business in Hybrid Environments

How to Set Up Windows Hello for Business in Hybrid Environments

Windows Hello for Business (WHfB) allows enterprises to eliminate passwords by using biometric or PIN-based sign-ins. If your organization uses a...

Key Security Benefits of Hybrid Cloud for Data Compliance

Key Security Benefits of Hybrid Cloud for Data Compliance

Hybrid cloud isn't just about flexibility — it's also one of the most powerful strategies enterprises can use to enhance data security and meet...

The Future of Network Automation

The Future of Network Automation

What is Network Automation? Network automation refers to the use of software to automatically configure, manage, test, and operate network devices...

How to Recover Lost Data?

How to Recover Lost Data?

Losing data can feel like a punch to the gut, whether it's a report you've worked on for weeks or years of precious family photos. But before you...

How to create Virtual Machine using Hyper V?

How to create Virtual Machine using Hyper V?

Hyper-V, Microsoft's hardware virtualization product, enables users to create and run a software version of a computer, called a virtual machine....

How to enable ADUC in Windows Server 2022?

How to enable ADUC in Windows Server 2022?

Efficient management of network resources is pivotal for any organization's success. Active Directory Users and Computers (ADUC) in Windows Server...

Recent Posts

Categories