The script bellow allows you to locate users with invalid logon attempts
$strFilter = “(&(objectCategory=User)(badPwdCount>=0))”
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher = New-Object System.DirectoryServices.DirectorySearcher
$objSearcher.SearchRoot = $objDomain
$objSearcher.PageSize = 1000
$objSearcher.Filter = $strFilter
$colProplist = “name”
foreach ($i in $colPropList){$objSearcher.PropertiesToLoad.Add($i)}
$colResults = $objSearcher.FindAll()
foreach ($objResult in $colResults)
{$objItem = $objResult.Properties; $objItem.name}
You may also like -
Rename all Domain Local Administrator Username Via ScriptUse this PowerShell script to rename Local Administrator Account on a list of remote machines.#$erroractionpreference = "SilentlyContinue"$a = New-Object -comobject Excel.Application$a.visible = $True$b = ... 
Move Domain Controller to other site – PowerShell$dcname = $newSite = "NewSite Name" $context = New-Object System.DirectoryServices.ActiveDirectory.DirectoryContext('DirectoryServer', $dcname) $dc = [System.DirectoryServices.ActiveDirectory.DomainController]::getDomainController ($context) $dc.MoveToAnotherSite($newSite) Where DomainDNSName – Enter your DNS domain name
Find user group membership Powershell scriptUse this script to check user group membership in Windows Domain Active Directory$root=([adsi]"").distinguishedName$ou=[adsi]("LDAP://ou=x,ou=y,ou=z,"+$root)# fill with user CN “Common Name”$user=$ou.psbase.children.find("cn=tartetCN ")$groups = $user.memberofforeach($group in $groups){$strGroup ... 
Useful AD PowerShell CommandsFinding Disabled Users:get-qaduser –disabledCreate a new Active Directory user:new-QADUser -name ' ' -parentContainer ' ' -UserPassword' ' -FirstName ' ' -LastName ' '-UserPrincipalName ' ... 
You can eliminate the lines:
$objDomain = New-Object System.DirectoryServices.DirectoryEntry
$objSearcher.SearchRoot = $objDomain
If you don’t specify a SearchRoot it defaults to the root of the default domain.