When this happens, the AD account the lockouttime attribute will contain a
Win32 time value that indicates when the account was locked.
An easy way to search for locked out accounts is an LDAP query similar to
You can integrate this query in the saved queries of your Active Directory Users and Computers MMC.
The following script will use PowerShell to generate a WinForm and give you the ability to unlock account right from the interface. The goal is to do something simple and functional, nothing fancy.
The GUI was created using PowerShell Studio from SAPIEN. You can try this tool by going on Sapien.com
No Module Required
The beautiful part of it is that no Active Directory Module or Quest Active Directory Snapin are required In my case I used ADSI: [ADSISearcher]
If you want to know more about
ADSISearcher check this article from the Scripting Guy
Here is what the tool look like:
Invoking the script from a PowerShell will do it. Make sure you run this with an account that have the privileges to unlock accounts.
Script available on Github