Solved

PowerShell Script for unlocking AD accounts

Posted on 2014-09-11
15
786 Views
Last Modified: 2014-09-15
We are looking for a power shell script that we can use to unlock AD user accounts. Ideally we would like something that would prompt us for the SamAccountName of which user to unlock.

Any assistance would be appreciated.
0
Comment
Question by:GR JN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 3
15 Comments
 
LVL 40

Expert Comment

by:Subsun
ID: 40317368
You can use Unlock-ADAccount command in PowerShell. Refer the TechNet Article for details.

http://blogs.technet.com/b/heyscriptingguy/archive/2012/05/05/weekend-scripter-active-directory-account-unlock-shortcut-for-help-desk.aspx
0
 
LVL 29

Accepted Solution

by:
becraig earned 500 total points
ID: 40317466
yup for your script a simple Read-host would do
$user = Read-Host "Enter user account to unlock"
Search-ADAccount -LockedOut | Where {$_.samaccountname -eq $user} | Unlock-ADAccount

Open in new window

This would take the sam account name as input
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40317487
Simple Unlock-ADAccount  $user should work.. not need to use Search-ADAccount
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 29

Expert Comment

by:becraig
ID: 40317504
only added user for validation.. not need to add time but makes sense to validate input ? (or maybe not ?)
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40317528
IMO Search-ADAccount will be time consuming (if we care about time.. :-) ).. Using Try Catch might be more quick for validation. or may be Get-ADUser..
Try { Unlock-ADAccount  $user } Catch { $_.exception }

Open in new window

0
 
LVL 40

Expert Comment

by:Subsun
ID: 40323753
@Narvaezj, I did provide similar solution in the first comment. Any reason for accepting becraig's comment as the sole answer?

Except from technet Article..
@echo off
powershell.exe -Command "& {Import-Module ActiveDirectory; Read-Host "Enter the user account to unlock" | Unlock-ADAccount}"

Open in new window

0
 

Author Comment

by:GR JN
ID: 40323760
As both options were most likely "correct", we utilized becraig's by default.
0
 
LVL 29

Expert Comment

by:becraig
ID: 40323764
Narvaezj can you please give the points to Subsun (whether you went with my solution or not), I am only here to help and don't want to step on the toes of the other experts by getting points they think should be awarded to them .
0
 

Author Comment

by:GR JN
ID: 40323773
No problem. I just do not have the resources to test every solution that is posted.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40323779
@becraig, It's not about points. as the solutions are apparently same, I wanted to understand why the first comment was ignored. As you know the Experts are not getting any special credits for points or answers. We all are here to learn and help not for any other monetary benefits..
0
 
LVL 29

Expert Comment

by:becraig
ID: 40323785
Agreed, I usually just leave it as is where a viable solution was awarded points even if it echoed mine, since anyone searching in the future would at least find a working solution.


I generally take issue when a non-answer is tagged as an answer (no help to anyone who come later since the first thing you scan for the is "accepted solution") :~)
0
 

Author Comment

by:GR JN
ID: 40323792
Yes, that is fine.
0
 
LVL 40

Expert Comment

by:Subsun
ID: 40323799
@Mike, As OP stated he didn't try the first suggestion, I am OK with with current selection of solution. I just wanted to know if OP had any trouble using my suggestion.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In previous parts of this Nano Server deployment series, we learned how to create, deploy and configure Nano Server as a Hyper-V host. In this part, we will look for a clustering option. We will create a Hyper-V cluster of 3 Nano Server host nodes w…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question