Everyone makes mistakes. Sometimes end users forget their passwords and lock themselves out of their Active Directory access. Administrators can unlock these accounts via the Windows GUI, but what if there was a quicker way. The PowerShell Active Directory module can save administrators time in governing end users and can also provide automation if required. This example will highlight how to unlock an end user account in minimal steps via PowerShell and the Active Directory module. Let’s get started.
- Open PowerShell in Administrative mode
How To Unlock A User In Active Directory With PowerShell
- Run the following command to install the Active Directory module:
PowerShell1Install-Module ActiveDirectoryOr confirm the module is loaded using the following command:
PowerShell1Get-Module ActiveDirectory - With the Active Directory PowerShell module now installed, run the following command to display and confirm that the user is locked out:
PowerShell1Get-ADUser -Identity 'ENTER USER NAME HERE' -Properties LockedOut | Select-Object Name,Lockedout - Run the following command to unlock the user account:
PowerShell1Unlock-ADAccount -Identity 'ENTER USER NAME HERE'
- Run the following command again to confimr that the user’s account has been unlocked:
PowerShell1Get-ADUser -Identity 'ENTER USER NAME HERE' -Properties LockedOut | Select-Object Name,Lockedout
Updated: November 6th, 2019 by Anthony Bartolo
© Microsoft. This article was originally published by Microsoft's ITOps Talk Blog. You can find the original article here.