Search for Account Created in AD between a specific time period

Give adfind by MVP Joe Richards a try
http://www.joeware.net/freetools/tools/adfind/index.htm
Scott has a good article here on what you are trying to do
http://blog.scottlowe.org/2006/10/11/finding-recently-created-active-directory-accounts/
So let's say you are trying to find all accounts created between Jan 1, 2009 and May 31, 2009
adfind -default -f  "&(objectcategory=person)(objectclass=users)(whencreated>=20090101000000.0Z)( whencreated<=20090531000000.0Z)"  samaccountname whencreated -tdcgt -nodn -csv > c:\usersCreated.csv
That will output the results to a csv drive on your C drive.  
Take a look at the screenshot from my lab.  
Thanks
Mike

Adfind-WhenCreated.gif

Very do I need to install this on my DC or can it be run from my workstation?

Hey :)

The command Mike supplied (and the tool) can be run from any member of the domain (including your workstation or the DC if you prefer).

Chris

Very cool..

Also in AD is there a way for me to get a list of account that have been deleted in the past 30 days?

Sure :)

The date you use is built in the same way as you did above.

ADFind -f "(&(objectClass=user)(objectClass=person)(IsDeleted=TRUE)(whenChanged>=20090603000000.0Z))" -showdel

You'll find that deleted objects have a seriously limited set of attributes, not everything makes it onto the tombstone.

And note that the two "objectClass=" statements are intentional. There are quite a few differences between the regular domain objects and those which have been deleted.

Chris

For the synatex to show all user deleted with in a specific time period for example 6/1/09 - 6/30/09 what would i type in?? I tried what you listed above and it keeps showing zero records

try
ADFind -default -f  "(&(objectClass=user)(objectClass=person)(IsDeleted=TRUE)(whencreated>=20090601000000.0Z)(whencreated<=20090630000000.0Z))"  -showdel
See if that gives you records
Thanks
Mike
 

nope same thing
Zero records return and I do know account have been removed