Active Directory Cleanup Tool
Leaving stale and expired accounts in Active Directory is a security risk. This tool quickly finds old accounts and allows you to bulk disable, delete, and more.
Find inactive user and computer accounts
Find expired accounts
Bulk disable or moved
Find empty groups
Find inactive user accounts
You will be surprised to see how many Active Directory accounts are unused. Use this tool to quickly find those stale accounts and disable or move them. You can change the search to find the last logon for any number of days, for example, 30.
Bulk Move Accounts
A safe first step to cleaning up inactive accounts is to move them to another organizational unit. The Active Directory cleanup tool makes this easy. Just select the OU and all the identified inactive accounts will be moved.
Find all Active Directory groups that have no members. This is a task most administrators don’t think to do because it’s hard to do unless you have the right tools.
Find expired user accounts
Administrators will often set accounts to expire. But do they come back and delete the account? Most often these accounts are forgotten and hard to find. The Active Directory cleanup tool makes it easy to find all accounts that have expired.
List all disabled accounts
Just like inactive accounts, disabled accounts can build up over time leaving Active Directory with unnecessary accounts. This can show up on audits, reports and add security risks.
Users that have never logged on
This one will also surprise you. Why would there be accounts that have never been used? There could be a number of reasons but they need to be found and determined if they can be disabled or removed.