I am looking for a solution to account lockout problem. One of the networks(a large church) I am a admin for has one specific account that all the students use in their web cafe. At least once a week I get a call from the youth director asking me to unlock the account in active directory because one of the kids had tried the password to many times. Is there a way to script a program or MMC that I can give the youth director access to that will unlock the account at a click of a button? I don't want to give him access to the entire directory and know its only as simple as unchecking a box in the account properties, but that requires me to connect to the VPN, log in the server and then open AD. Any suggestions?