Query Active Directory for Date an account is Disabled

Posted on 2007-07-26
Last Modified: 2011-08-18
Hello Experts,

I am trying to find out a way to query AD using the ADU&C interface in a way that will show me the disabled accounts that were disabled before a specific date.
Basically i need to know what the field or userAccountControl code is, if there is one at all.

I curentlly have a saved query to gather all my disabled users which looks like this:

I also played around with a query that would give me all my disabled users created before a specific date which looks like this:
   This query does not quite meet my needs but gets me closer to the end goal.

Any help would be great.
Question by:kendingo
    LVL 70

    Accepted Solution


    Hi Dingo,

    When an account was disabled isn't stored within AD (only whether it is or not).

    This isn't going to be too helpful, you would have to start auditing administrative actions and sorting through Security logs for right usage to discover when something happened. Not at all helpful for discovering previous actions.

    LVL 1

    Author Comment

    Thanks Chris,

    I was thinking that was the situation but needed some outside confirmation to support my thought process.

    Sometimes our account team puts the disabled date in the description field but that is few and far between most of the time.

    Thanks again for the insight.
    LVL 70

    Expert Comment

    by:Chris Dent

    No problem, sorry it wasn't more useful.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
    Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now