PowerShell script or AD utility to identify the source of locked accounts in AD

Hello Experts,

I have a client who is running into some AD issues, where a user gets their account locked out at random, and it sometimes happens to other users.

Instead of looking at the security logs on domain controllers, I would like to get a script to easily identify the source of the locked accounts, i.e. computer name, server, network device and so on, as well as last logon time.

Can you please help me with this request?
Jerry Seinfield Asked:

dipersp Commented:
Microsoft has a tool for this which we've used with some success. Check out:
http://www.microsoft.com/en-us/download/details.aspx?id=18465
0

Jerry Seinfield Author Commented:
Thanks, but unfortunately that tool only works in Windows 2003, and I do not want to install an EXE on a Windows machine.

Any other tool or PowerShell script that we can use on Windows 2008/R2/2012/R2 servers and Win7 machines?

If someone can provide a script or an MS server or client tool, it would be highly appreciated.
0
dipersp Commented:
Let me dig. That must be the wrong one then. We had a Microsoft app that wasn't an install and gave us good info on a 2008R2 box. I assumed that was the one as it had a 2012 date on the MS page.
0
Sekar Chinnakannu, Staff Engineer, Commented:
As dipersp mentioned, you can use the same tool on a client OS and check. No need to run it on a server.

You can use a one-line PowerShell command to find the locked users and details: http://blogs.technet.com/b/heyscriptingguy/archive/2011/08/31/use-powershell-to-find-locked-out-user-accounts.aspx
To find the location, you can use this script: http://gallery.technet.microsoft.com/scriptcenter/Get-LockedOutLocation-b2fd0cab
0
footech Commented:
The Account Lockout Status Tool does work on 2008R2. Haven't tested on 2012. It doesn't require an install, which is nice - you just need to run the .EXE once it's extracted. However, the tool doesn't give you any information about the source of the lockout. For that you have to dig down into the security logs, and I think the script that Sekar referenced is likely what you want.
0
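The thread points to the domain controllers' Security logs as the place where the lockout source is recorded. The following is an added example, not code from any post above or from the linked scripts, that reads lockout event 4740 from the PDC emulator and pairs each event with the account's last logon data. The function name `Get-LockoutSource` is hypothetical, and the example assumes the ActiveDirectory module (RSAT) is installed, "Audit User Account Management" auditing is enabled on the domain controllers, and the caller can read the PDC emulator's Security log.

```powershell
# Added example (not from the thread). Assumes RSAT ActiveDirectory module,
# account-management auditing enabled, and read access to the PDC's Security log.
Import-Module ActiveDirectory

function Get-LockoutSource {    # hypothetical name
    param(
        [string]$Identity,      # optional sAMAccountName to filter on
        [int]$Days = 2          # how far back to search
    )
    # Lockouts are forwarded to the PDC emulator, so its Security log is the
    # usual single place to look for event 4740 ("A user account was locked out").
    $pdc    = (Get-ADDomain).PDCEmulator
    $filter = @{ LogName = 'Security'; Id = 4740; StartTime = (Get-Date).AddDays(-$Days) }
    $events = Get-WinEvent -ComputerName $pdc -FilterHashtable $filter -ErrorAction SilentlyContinue

    foreach ($e in $events) {
        # Read the named EventData fields from the event XML
        $data = @{}
        ([xml]$e.ToXml()).Event.EventData.Data | ForEach-Object { $data[$_.Name] = $_.'#text' }
        $name = $data['TargetUserName']
        if ($Identity -and $name -ne $Identity) { continue }

        # Account state; LastLogonDate is replicated and can lag by several days
        $user = $null
        try {
            $user = Get-ADUser -Identity $name -Server $pdc `
                -Properties LockedOut, LastLogonDate, LastBadPasswordAttempt
        } catch {
            Write-Verbose "No AD user found for '$name'"
        }

        [pscustomobject]@{
            LockoutTime            = $e.TimeCreated
            User                   = $name
            # In event 4740 the "Caller Computer Name" is stored in TargetDomainName
            CallerComputer         = $data['TargetDomainName']
            LoggedOnDC             = $e.MachineName
            LockedOutNow           = $user.LockedOut
            LastBadPasswordAttempt = $user.LastBadPasswordAttempt
            LastLogonDate          = $user.LastLogonDate
        }
    }
}

# Example call: all lockouts in the last 2 days, newest first
Get-LockoutSource | Sort-Object LockoutTime -Descending | Format-Table -AutoSize
```

An empty `CallerComputer` usually means the failed attempts came through something that does not supply a workstation name, in which case the failed-logon events on the DC listed in `LoggedOnDC` are the next place to look.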
Powershell


Question has a verified solution.
