Active Directory: Unable to unlock accounts from Windows 7 desktop

Posted on 2012-09-05
Last Modified: 2012-09-05
I'm having an issue with AD users and computers installed on my Windows 7 desktop. I can see all kinds of information like if an account is disabled, deleted, enabled, added, etc., but I don't see when an account is locked out. I have to actually sign into a DC in order to see that the account is locked out and then unlock it. It would be great to be able to do this from my desktop.

Question by:OGDITAdmin
    LVL 23

    Accepted Solution

    Did you try to uninstall RSAT from your desktop and install it again?

    Are you running Windows 7 SP1 on your machine? Their is a different RSAT for SP1 (
    LVL 53

    Expert Comment

    by:Will Szymkowski
    If you have powershell installed on your machine then you can use the following powershell command to get the Property of "AccountLockOutTime" which identifies the time account was locked out.

    You will have to run the Import-Module activedirectory before the following commands will work.

    To get a single users do the following
    Get-ADUser -identity <name here> -properties * | FT displayname, AccountLockOutTime

    To get a list of multiple users do the following
    Get-ADUser -Filter 'objectclass "User"' -Properties * | Where-Object {$_.AccountLockOutTime -like "*1*"} | FT displayname, AccountLockOutTime

    You can also put this in a script form adding it to notepad and saving it as a .ps1 file extension. From there you can simply navigate to this script in powershell and type .\<name of script>

    Hope this helps!

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
    One of the features I've come to appreciate about Windows 7 and Windows Server 2008 R2 is the ability to pin applications to the task bar. As useful a feature as I've found this, it does have some quirks.  For example, have you ever tried pinning an…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
    This Micro Tutorial will teach you the basics of configuring your computer to improve its speed. It will also teach you how to disable programs that are running in the background simultaneously. This will be demonstrated using Windows 7 operating…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now