Log in into your DC then execute PowerShell and run the following the following commands
Load the AD powershell
Once loaded run the following command
Following domain has been used in this example yourdomain.int
PS S:\> Search-ADAccount -AccountDisabled -SearchBase “DC=yourdomain,DC=int” | FT Name,LastLogonDate,ObjectClass –A
It will display a list of disabled accounts in Active Directory.
This will display all disabled users in active directory which might be absolute and removed. Obviously always check before any removal process that these can be removed!
Once all the disabled users are removed you can search for inactive users.
Change the date so it’s 1 year difference from the current date.
Search-ADAccount -AccountInactive -Datetime 01/04/2015 -SearchBase “DC=yourdomain,DC=int” | FT Name,LastLogonDate,ObjectClass –A
Once you got a list revise the user and disable them first before any removal.
Hope this helps someone.
Many thanks for reading and comments always welcome.