I'm working on a script that can find disabled user accounts within any Active Directory sub-OU of the domain. I tried the cmdlets Search-ADAccount and Get-ADUser, but it always ends up finding only two disabled user accounts located in the built-in Users OU. No greater luck by using the -SearchBase and -SearchScope parameters to target a specific OU or explicitly perform the search in all the sub-OU's. See image below:
I have read other similar threads, but none of the solutions proposed worked for me.
I can't figure out how to recursively look within sub-OU's and return all the disabled users scattered within them. If I use the console Active Directory Users and Computers to create a new saved query, it works just fine, but I need to automate the task through a PowerShell script: moving all the disabled user accounts to a specific OU before deletion (in any case, I need to first be able to find them).
Any input will be much appreciated. Thanks in advance!