Solved

PowerShell Script for unlocking AD accounts

Posted on 2014-09-11
15
636 Views
Last Modified: 2014-09-15
We are looking for a power shell script that we can use to unlock AD user accounts. Ideally we would like something that would prompt us for the SamAccountName of which user to unlock.

Any assistance would be appreciated.
0
Comment
Question by:GR JN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
15 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 40317368
You can use Unlock-ADAccount command in PowerShell. Refer the TechNet Article for details.

http://blogs.technet.com/b/heyscriptingguy/archive/2012/05/05/weekend-scripter-active-directory-account-unlock-shortcut-for-help-desk.aspx
0
 
LVL 29

Accepted Solution

by:
becraig earned 500 total points
ID: 40317466
yup for your script a simple Read-host would do
$user = Read-Host "Enter user account to unlock"
Search-ADAccount -LockedOut | Where {$_.samaccountname -eq $user} | Unlock-ADAccount

Open in new window

This would take the sam account name as input
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40317487
Simple Unlock-ADAccount  $user should work.. not need to use Search-ADAccount
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 29

Expert Comment

by:becraig
ID: 40317504
only added user for validation.. not need to add time but makes sense to validate input ? (or maybe not ?)
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40317528
IMO Search-ADAccount will be time consuming (if we care about time.. :-) ).. Using Try Catch might be more quick for validation. or may be Get-ADUser..
Try { Unlock-ADAccount  $user } Catch { $_.exception }

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 40323753
@Narvaezj, I did provide similar solution in the first comment. Any reason for accepting becraig's comment as the sole answer?

Except from technet Article..
@echo off
powershell.exe -Command "& {Import-Module ActiveDirectory; Read-Host "Enter the user account to unlock" | Unlock-ADAccount}"

Open in new window

0
 

Author Comment

by:GR JN
ID: 40323760
As both options were most likely "correct", we utilized becraig's by default.
0
 
LVL 29

Expert Comment

by:becraig
ID: 40323764
Narvaezj can you please give the points to Subsun (whether you went with my solution or not), I am only here to help and don't want to step on the toes of the other experts by getting points they think should be awarded to them .
0
 

Author Comment

by:GR JN
ID: 40323773
No problem. I just do not have the resources to test every solution that is posted.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40323779
@becraig, It's not about points. as the solutions are apparently same, I wanted to understand why the first comment was ignored. As you know the Experts are not getting any special credits for points or answers. We all are here to learn and help not for any other monetary benefits..
0
 
LVL 29

Expert Comment

by:becraig
ID: 40323785
Agreed, I usually just leave it as is where a viable solution was awarded points even if it echoed mine, since anyone searching in the future would at least find a working solution.


I generally take issue when a non-answer is tagged as an answer (no help to anyone who come later since the first thing you scan for the is "accepted solution") :~)
0
 

Author Comment

by:GR JN
ID: 40323792
Yes, that is fine.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40323799
@Mike, As OP stated he didn't try the first suggestion, I am OK with with current selection of solution. I just wanted to know if OP had any trouble using my suggestion.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question