I have been given the task to create a report that shows the dormant accounts within my environment.  I am able to pull the data I need and more. I have it set up where the script hits each domain within my environment, I need to be able to exclude items such as Service Accounts, Generic Accounts, and test accounts that do not login. etc etc. As of now I am using the $_DistinguishedName -notlike "OU= or CN=" to block them but, there are a lot of them. I was wondering if there is a way to pipe in a text doc that would allow the script to not report on the accounts that will always show dormant. 

Here is sample of the script I am using.  

$userCollection = Search-ADAccount -AccountInactive -TimeSpan 45 -UsersOnly -Server location.Domain.local -SearchBase "DC=location,DC=domain,DC=local" 
$userCollection | Get-ADUser -Properties * | select SamAccountName,Name,Office,DistinguishedName Where {$_.DistinguishedName -notlike "*OU=CommonAreaPhones*" -and $_.DistinguishedName -notlike "*OU=Users - No Policy*"}

Thank you in advance.

Aaron

• Edited by Aaron Berry Friday, January 10, 2014 8:41 PM

Placed all of them in a security group and exclude that.

The plus with using a security group is that you don't have to find the file and it is very easy to 0update from anywhere.