Use PowerShell to search for accounts in Active Directory that have gone stale!

For anyone reviewing this and with a need to audit an AD environment not only for stale accounts, but also for stale passwords, stale computers, unsupported operating systems, and other such reports - please review my own project at https://github.com/ziesemer/ad-privileged-audit/ , if it may provide any benefit to you or your organization. It is built upon many of the same principles and PowerShell cmdlets that Tom just covered here, but extends this into a suite of production-ready reports. (I don't mean to spam this article with my own solution, but only mean to share as I'm trying to help everyone I can get ahead of the potential security incidents otherwise waiting to happen within many environments due to such stale or orphaned accounts.)