Unlock All AD Accounts

Has your service desk blown up with tons of calls because a lot of end users locked themselves out all at once unintentionally? Unfortunately, this does happen at some companies more often than others due to their login policies.

You can easily get most of them back to work, I say most because there are those who actually forgot their passwords and don't know how to get to the self service portal for resetting their password themselves and will call you instead.

Be the hero of the day for your fellow administrators and take those easy calls away from the
Service Desk with the following PowerShell script:

 Search-ADAccount Search-ADAccount -LockedOut | Unlock-ADAccount


  1. Those who have a good security policy in place will just disable accounts and put in a ticket under the users name that the account has been compromised and have it in awaiting user status until the end user reaches out to the Service Desk to have their password reset and to educate the end user. The technical support personal should fully inspect the account and computer for anything that could be malicious, including the inspection of the users email before enabling the full functionality of it.


Post a Comment

Popular posts from this blog



Mike's Profile Cleanup Tool