Something I didn’t know about – the people picker shows disabled user accounts – and ‘Tales from the field’ has a solution (on a per web app basis). Just in case the blog ever goes down:
This default behavior can be changed on a per web application basis to return only enabled user accounts. In the example below I have configured this for the web application http://moss using stsadm. This command configures MOSS 2007 to use a custom LDAP query.
stsadm -o setproperty -pn peoplepicker-searchadcustomfilter -url http://moss -pv (!userAccountControl=514)
If you are interested in putting together more granular filters I strongly recommend the following guide on LDAP, LDAP Query Basics – http://technet.microsoft.com/en-us/library/aa996205(EXCHG.65).aspx
Nice one Brendan