Thursday, January 8, 2015

How to find out all locked out accounts in Active Directory using Powershell

This one liner PowerShell for reference, is intended to show how to find out all locked out accounts in Active Directory using Search-ADAccount with LockedOut parameter (ActiveDirectory module is required):
Search-ADAccount -LockedOut
The output from this cmdlet will list all the locked out accounts. Furthermore, if you want to unlock all those accounts, the output of the Search-ADAccount can be piped to Unlock-ADAccount cmdlet (permission for unlocking ad accounts is required) for example:
Search-ADAccount -LockedOut | Unlock-ADAccount

For more info about these powerful cmdlets please check TechNet: Search-ADAccount and Unlock-ADAccount .
 

No comments:

Post a Comment