Solved

automatically search all locked out IDs

Posted on 2010-11-20
4
346 Views
Last Modified: 2012-05-10
I have a list of thousands ID name and need to find all locked out IDs. I can manually check them in AD. Is there any way to search them automatically using directory service command line?

Thanks in advance
0
Comment
Question by:howruaz9
  • 2
  • 2
4 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 500 total points
ID: 34180858
I would use powershell and the quest AD cmdlets

http://www.quest.com/powershell/activeroles-server.aspx

$users = get-content c:\user.txt
foreach ($user in $users){
$u = get-qaduser $user
if ($u.AccountIsLockedOut -eq "True"){
write-host "User Account $user is locked"
}}

of for all users in AD and export to csv file

get-qaduser -sizelimit 0 | where{$_.AccountIsLockedOut -eq "True"} | select Name | export-csv c:\lockedusers.csv
0
 

Author Comment

by:howruaz9
ID: 34181282

Thanks very much KenMcF, I will try it.

Is it possible to use directory service command line to do this job?
0
 
LVL 27

Assisted Solution

by:KenMcF
KenMcF earned 500 total points
ID: 34181303
You can but it is harder. Take a look at this thread

http://powershell.com/cs/forums/p/268/318.aspx
0
 

Author Closing Comment

by:howruaz9
ID: 34181716
Many thanks KenMcF, I really appreciate your help.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article runs through the process of deploying a single EXE application selectively to a group of user.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question