Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
User account lockouts are very common — they can happen whenever a user enters a wrong password more times than permitted by the organization’s security policy. Locked-out users are temporarily left without access to critical business systems like Exchange or SharePoint. In these cases, account lockouts can be dealt with quickly once the locked user reports not being able to access critical services. But lockouts can happen for other reasons as well, and it can require quite a lot of work for IT administrators to learn exactly why the Active Directory user accounts were locked out; they can spend hours on Active Directory PowerShell scripting. Moreover, if they’re asked to regularly review locked out user accounts, they’ll need to periodically run PowerShell commands to get locked out users. But there’s a better way.
Open the PowerShell ISE, Run the following command:
Search-ADAccount -LockedOut -UsersOnly -ResultPageSize 2000 -resultSetSize $null | Select-Object Name, SamAccountName, DistinguishedName | Export-CSV “C:\Temp\LockedOutUsers.CSV” -NoTypeInformation
Next, open the file produced by the script in MS Excel.
https://img.netwrix.com/howtos/find_locked_ad_accounts_powershell.png
Credits
Originally posted at : https://www.netwrix.com/how_to_find_locked_accounts_powershell.html