You have to run Search-ADAccount in the Active Directory Modile for Windows Powershell!
Here is an example for finding disabled accounts :
Search-ADAccount -AccountDisabled -UsersOnly | Format-Table name, sid -AutoSize
PS S:\> Search-ADAccount -?
NAME
Search-ADAccount
SYNOPSIS
Gets Active Directory user, computer, or service accounts.
SYNTAX
Search-ADAccount -AccountDisabled <switch> [-AuthType {Negotiate | Basic}]
[-ComputersOnly <switch>] [-Credential <PSCredential>] [-ResultPageSize <in
t>] [-ResultSetSize <System.Nullable[int]>] [-SearchBase <string>] [-Search
Scope {Base | OneLevel | Subtree}] [-Server <string>] [-UsersOnly <switch>]
[<CommonParameters>]
Search-ADAccount -AccountExpired <switch> [-AuthType {Negotiate | Basic}] [
-ComputersOnly <switch>] [-Credential <PSCredential>] [-ResultPageSize <int
>] [-ResultSetSize <System.Nullable[int]>] [-SearchBase <string>] [-SearchS
cope {Base | OneLevel | Subtree}] [-Server <string>] [-UsersOnly <switch>]
[<CommonParameters>]
Search-ADAccount -AccountExpiring <switch> [-DateTime <DateTime>] [-TimeSpa
n <TimeSpan>] [-AuthType {Negotiate | Basic}] [-ComputersOnly <switch>] [-C
redential <PSCredential>] [-ResultPageSize <int>] [-ResultSetSize <System.N
ullable[int]>] [-SearchBase <string>] [-SearchScope {Base | OneLevel | Subt
ree}] [-Server <string>] [-UsersOnly <switch>] [<CommonParameters>]
Search-ADAccount -AccountInactive <switch> [-DateTime <DateTime>] [-TimeSpa
n <TimeSpan>] [-AuthType {Negotiate | Basic}] [-ComputersOnly <switch>] [-C
redential <PSCredential>] [-ResultPageSize <int>] [-ResultSetSize <System.N
ullable[int]>] [-SearchBase <string>] [-SearchScope {Base | OneLevel | Subt
ree}] [-Server <string>] [-UsersOnly <switch>] [<CommonParameters>]
Search-ADAccount -LockedOut [-AuthType {Negotiate | Basic}] [-ComputersOnly
<switch>] [-Credential <PSCredential>] [-ResultPageSize <int>] [-ResultSet
Size <System.Nullable[int]>] [-SearchBase <string>] [-SearchScope {Base | O
neLevel | Subtree}] [-Server <string>] [-UsersOnly <switch>] [<CommonParame
ters>]
Search-ADAccount -PasswordExpired <switch> [-AuthType {Negotiate | Basic}]
[-ComputersOnly <switch>] [-Credential <PSCredential>] [-ResultPageSize <in
t>] [-ResultSetSize <System.Nullable[int]>] [-SearchBase <string>] [-Search
Scope {Base | OneLevel | Subtree}] [-Server <string>] [-UsersOnly <switch>]
[<CommonParameters>]
Search-ADAccount -PasswordNeverExpires <switch> [-AuthType {Negotiate | Bas
ic}] [-ComputersOnly <switch>] [-Credential <PSCredential>] [-ResultPageSiz
e <int>] [-ResultSetSize <System.Nullable[int]>] [-SearchBase <string>] [-S
earchScope {Base | OneLevel | Subtree}] [-Server <string>] [-UsersOnly <swi
tch>] [<CommonParameters>]
DESCRIPTION
The Search-ADAccount cmdlet retrieves one or more user, computer, or servic
e accounts that meet the criteria specified by the parameters. Search crite
ria include account and password status. For example, you can search for al
l accounts that have expired by specifying the AccountExpired parameter. Si
milarly, you can search for all accounts with an expired password by specif
ying the PasswordExpired parameter. You can limit the search to user accoun
ts by specifying the UsersOnly parameter. Similarly, when you specify the C
omputersOnly parameter, the cmdlet only retrieves computer accounts.
Some search parameters, such as AccountExpiring and AccountInactive use a d
efault time that you can change by specifying the DateTime or TimeSpan para
meter. The DateTime parameter specifies a distinct time. The TimeSpan param
eter specifies a time range from the current time. For example, to search f
or all accounts that expire in 10 days, specify the AccountExpiring and Tim
eSpan parameter and set the value of TimeSpan to “10.00:00:00”. To search f
or all accounts that expire before December 31, 2012, set the DateTime para
meter to “12/31/2012”.
RELATED LINKS
Online version: http://go.microsoft.com/fwlink/?LinkID=144989
Enable-ADAccount
Disable-ADAccount
Unlock-ADAccount
Set-ADAccountControl
Set-ADAccountExpiration
Clear-ADAccountExpiration
Set-ADAccountPassword
Get-ADAccountResultantPasswordReplicationPolicy
REMARKS
To see the examples, type: “get-help Search-ADAccount -examples”.
For more information, type: “get-help Search-ADAccount -detailed”.
For technical information, type: “get-help Search-ADAccount -full”.