May 4, 2017 at 7:51 pm

Hi, I have a script that queries the A/D for accounts that are enabled:

Get-ADUser -SearchBase 'OU=Users,OU=XXXXX,DC=XXXXX,DC=co,DC=uk' -filter {enabled -eq "True"} | Select-Object Name,SamAccountName | Sort-Object Name | Select -Property Name,SamAccountName | Out-file -file "C:\Active Directory\Active Users.txt"

Which appears to work, but on further inspection, I have found that it is listing a few odd 'disabled' accounts (verified in A/D)...I even tried {enabled -eq "False"} to try and report the disabled accounts, but it misses them???

Help much appreciated

May 4, 2017 at 7:57 pm

Try comparing the value on the boolean $true versus a string "True"

Get-ADUser -SearchBase 'OU=Users,OU=XXXXX,DC=XXXXX,DC=co,DC=uk' -filter {Enabled -eq $true} | 
Select-Object Name,SamAccountName | 
Sort-Object Name | 
Out-file -file "C:\Active Directory\Active Users.txt"

May 4, 2017 at 8:03 pm

Thanks for the quick response Rob!

I did try that too – and for some reason that returned the same output – I also tried $False in reverse to get disabled accounts and that also returned the same as -eq "False"....so reports are the same...but I can see the disabled accounts in A/D user OU???

May 4, 2017 at 8:05 pm

sorry everyone, I forgot to format the code too here!