PowerShell Basics: How To Unlock A User In Active Directory via PowerShell

Everyone makes mistakes. Sometimes end users forget their passwords and lock themselves out of their access. Administrators can unlock these accounts via the Windows GUI, but what if there was a quicker way.  The PowerShell module can save administrators time in governing end users and can also provide if required.  This example will highlight unlock an end user account in minimal steps via PowerShell and the module.  Let's get started.

  1. Open PowerShell in Administrative mode
     
    How_To_Unlock_A_User_In_Active_Directory_via_PowerShell_001.png Unlock A User In Active Directory With PowerShell
     
  2. Run the following command to install the Active Directory module:
     
    Install-Module ActiveDirectory
    

    Or confirm the module is loaded using the following command:

    Get-Module ActiveDirectory
    
  3. With the Active Directory PowerShell module now installed, run the following command to display and confirm that the user is locked out:
     
    Get-ADUser -Identity 'ENTER USER NAME HERE' -Properties LockedOut | Select-Object Name,Lockedout
    
  4. Run the following command to unlock the user account:
     
    Unlock-ADAccount -Identity 'ENTER USER NAME HERE'
    

     

  5. Run the following command again to confimr that the user's account has been unlocked:
     
    Get-ADUser -Identity 'ENTER USER NAME HERE' -Properties LockedOut | Select-Object Name,Lockedout
    

 

This article was originally published by Microsoft's Core Infrastructure and Security Blog. You can find the original article here.