I have 2 helpdesk users working with me. None of them are domain admins. One of them sometimes is unable to unlock any user account and the problem disappears once he reboots.
Another one who is logged in to a laptop, iphone and ipad at the same time, gets his account locked for no reason after every few hours. On his Outlook he gets a prompt to put in his password and I check on the ADUC, he is locked.
Any ideas what might be wrong ? I check the Login Audit but couldnt find any solution.
Regards
Active DirectoryWindows Server 2008
Last Comment
Exchange User
8/22/2022 - Mon
FOX
open up powershell as an administrator
type import-module ActiveDirectory
copy and paste the below at your cursor (at the first login, log with your domain admin account ex. domain\username)
#Set variables
$progress = 0
#Get Admin Credentials
Function Get-Login {
Clear-Host
Write-Host "Please provide admin credentials (for example DOMAIN\admin.user and your password)"
$Global:Credential = Get-Credential
}
Get-Login
#Get Username to search for
Function Get-Username {
Clear-Host
$Global:Username = Read-Host "Enter username you want to search for"
if ($Username -eq $null){
Write-Host "Username cannot be blank, please re-enter username!"
Get-Username
}
$UserCheck = Get-ADUser $Username
if ($UserCheck -eq $null){
Write-Host "Invalid username, please verify this is the logon id for the account!"
Get-Username
}
}
Get-Username
#Get Computername Prefix for large environments
Function Get-Prefix {
Clear-Host
$Global:Prefix = Read-Host "Enter a prefix of Computernames to search on (CXX*) use * as a wildcard or enter * to search on all computers"
Clear-Host
}
Get-Prefix
#Start search
$computers = Get-ADComputer -Filter {Enabled -eq 'true' -and SamAccountName -like $Prefix}
$CompCount = $Computers.Count
Write-Host "Searching for $Username on $Prefix on $CompCount Computers`n"
#Start main foreach loop, search processes on all computers
foreach ($comp in $computers){
$Computer = $comp.Name
$Reply = $null
$Reply = test-connection $Computer -count 1 -quiet
if($Reply -eq 'True'){
if($Computer -eq $env:COMPUTERNAME){
#Get explorer.exe processes without credentials parameter if the query is executed on the localhost
$proc = gwmi win32_process -ErrorAction SilentlyContinue -computer $Computer -Filter "Name = 'explorer.exe'"
}
else{
#Get explorer.exe processes with credentials for remote hosts
$proc = gwmi win32_process -ErrorAction SilentlyContinue -Credential $Credential -computer $Computer -Filter "Name = 'explorer.exe'"
}
#If $proc is empty return msg else search collection of processes for username
if([string]::IsNullOrEmpty($proc)){
write-host "Failed to check $Computer!"
}
else{
$progress++
ForEach ($p in $proc) {
$temp = ($p.GetOwner()).User
Write-Progress -activity "Working..." -status "Status: $progress of $CompCount Computers checked" -PercentComplete (($progress/$Computers.Count)*100)
if ($temp -eq $Username){
write-host "$Username is logged on $Computer"
}
}
}
}
}
write-host "Search done!"
My gut feeling is that he has a password configured incorrectly on his phone/iPad, if this is the case the lockout tool will show his lockout being generated from the applicable that the devices connect to eg edge transport server
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
type import-module ActiveDirectory
copy and paste the below at your cursor (at the first login, log with your domain admin account ex. domain\username)
#Set variables
$progress = 0
#Get Admin Credentials
Function Get-Login {
Clear-Host
Write-Host "Please provide admin credentials (for example DOMAIN\admin.user and your password)"
$Global:Credential = Get-Credential
}
Get-Login
#Get Username to search for
Function Get-Username {
Clear-Host
$Global:Username = Read-Host "Enter username you want to search for"
if ($Username -eq $null){
Write-Host "Username cannot be blank, please re-enter username!"
Get-Username
}
$UserCheck = Get-ADUser $Username
if ($UserCheck -eq $null){
Write-Host "Invalid username, please verify this is the logon id for the account!"
Get-Username
}
}
Get-Username
#Get Computername Prefix for large environments
Function Get-Prefix {
Clear-Host
$Global:Prefix = Read-Host "Enter a prefix of Computernames to search on (CXX*) use * as a wildcard or enter * to search on all computers"
Clear-Host
}
Get-Prefix
#Start search
$computers = Get-ADComputer -Filter {Enabled -eq 'true' -and SamAccountName -like $Prefix}
$CompCount = $Computers.Count
Write-Host "Searching for $Username on $Prefix on $CompCount Computers`n"
#Start main foreach loop, search processes on all computers
foreach ($comp in $computers){
$Computer = $comp.Name
$Reply = $null
$Reply = test-connection $Computer -count 1 -quiet
if($Reply -eq 'True'){
if($Computer -eq $env:COMPUTERNAME){
#Get explorer.exe processes without credentials parameter if the query is executed on the localhost
$proc = gwmi win32_process -ErrorAction SilentlyContinue -computer $Computer -Filter "Name = 'explorer.exe'"
}
else{
#Get explorer.exe processes with credentials for remote hosts
$proc = gwmi win32_process -ErrorAction SilentlyContinue -Credential $Credential -computer $Computer -Filter "Name = 'explorer.exe'"
}
#If $proc is empty return msg else search collection of processes for username
if([string]::IsNullOrEmpty
write-host "Failed to check $Computer!"
}
else{
$progress++
ForEach ($p in $proc) {
$temp = ($p.GetOwner()).User
Write-Progress -activity "Working..." -status "Status: $progress of $CompCount Computers checked" -PercentComplete (($progress/$Computers.Cou
if ($temp -eq $Username){
write-host "$Username is logged on $Computer"
}
}
}
}
}
write-host "Search done!"