# encoding: ascii
# api: powershell
# title: disabled AD accounts
# description: Retrieves from a list of SamAccountName (txtfile) the accounts that are disabled in a forest.
# version: 0.1
# author: Cisco
# license: CC0
# x-poshcode-id: 3600
# x-archived: 2012-09-05T09:19:16
# x-published: 2012-08-29T03:57:00
#
# Memory optimization have been made so Ram doesn’t keep increasing
# Script requires Quest Active Directory Snap-in
#
#Get Domain List
$objForest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
$DomainList = @($objForest.Domains | Select-Object Name)
$Domains = $DomainList | foreach {$_.Name}
#get users list
$users = Get-Content U:\EMCU15FI3_USER.txt
$total = $users.count
"SAMaccountname;DisplayName;HomeDir;Domain" | Out-File -FilePath test.txt
foreach($Domain in $Domains){
$i=0
foreach($user in $users) {
# serializevalue parameter is used to inly get the properties needed so variable doesn't use too much RAM.
$b = Get-QADUser -SamAccountName $user -SizeLimit 0 -Disabled -DontUseDefaultIncludedProperties -IncludedProperties NTAccountName, DisplayName, HomeDirectory, userprincipalname -SerializeValues
$storing = $b.sAMAccountName + ";" + $b.displayName + ";" + $b.homeDirectory + ";" +$domain
if ($storing.StartsWith(";")) {
}
else{
$storing | Out-File -FilePath test.txt -append
}
$storing=$null
$b=$null
#free up the garbage collect (empties unused variables)
[System.GC]::Collect()
$i++;
Write-Progress -Activity "Searching disabled accounts in $domain" -Status "Progress:" -PercentComplete $($i*100/$total)
}
}