Script repository

Get number of enabled and not expired users in an AD domain without using Adaxes

Updated on: Jan 18, 2026, Views: 3399

Miscellaneous

The script returns the number of enabled and not expired user accounts in an AD domain without using Adaxes cmdlets or interfaces.

The computer where you want to run the script must have the Active Directory PowerShell module installed.

In the script, the $domainName variable specifies the DNS name of the domain you want to query.

Import-Module ActiveDirectory

$domainName = "dc.example.com" # TODO: Modify me

$currentDateFileTime = (Get-Date).ToFileTimeUtc()
$users = Get-ADObject -LDAPFilter "(&(sAMAccountType=805306368)(!(userAccountControl:1.2.840.113556.1.4.803:=2))(|(!(accountExpires<=$currentDateFileTime))(accountExpires=0)))" -SearchScope Subtree -Server $domainName
Write-Host "Total number of enabled and not expired user accounts in domain $domainName:" $users.Length

Comments 2

You must be signed in to comment.

  • Eric Schewe

    Eric Schewe

    There is a small typo in the last line of this script: 

    Write-Host "Total number of enabled and not expired user accounts in domain $domainName:" $users.Length

    Should be: 

    Write-Host "Total number of enabled and not expired user accounts in domain $($domainName):" $users.Length

    Otherwise it errors out on execution in PowerShell v5.x

    • Support

      Support

      Hello Eric,

      Thank you for pointing out the issue. We updated the script accordingly.

Got questions?

Support Questions & Answers

We use cookies to improve your experience.
By your continued use of this site you accept such use.
For more details please see our privacy policy and cookies policy.