none
unLock Ad user from all Domain controllers RRS feed

  • Question

  • We have 13 domain controllers in  5 Active directory sites, Unlock status is not updating in All DC's immediately. please help me to unlock Ad user from all the Domain controllers.

    Below is the script to unlock Ad account from one domain controller:

    Clear-Host

    $luser = Read-Host “Input the name (Last name, First name) of the locked user”
    $lockstatus = Get-ADUser "$luser" –Properties lockedout -Server DC10
    if ($lockstatus.lockedout –eq $True)
    {
    $nul = Get-ADUser "$luser" | Unlock-ADaccount

    $nul = Get-ADUser "$luser" | Set-ADAccountPassword -NewPassword “password”
    Write-Host "Account unlocked and password reset"
    }
    if ($lockstatus.lockedout –eq $false)
    {
    Write-Host "Account is not locked"
    }


    Raj

    Saturday, April 12, 2014 8:46 AM

Answers

  • we have remote site users are facing problems.

    Our L1 agents will unlock User ID in Primary site, replication taking time to replicate to remote DC.

    So need a script to unlock USer ID in all Dcs


    Raj

    Replication of unlocks is faster than you can  do it in script.  It is pushed immediately.  It does not wait fro replication. If thisis not happening then you need to find the problem and fix it.

    You need to fix your problem.  A script will not fix it.

    IF you insist on doing it manually then just run the script one time for each DC.

    If you still do not know what to do you must contact a consultant or your network vendor and have them assist you with this.   We are not a custom solution provider or a free script writing forum.  Doing this would keep you from fixing a problem which could lead to other bad things.  Please take the time to take the correct technical steps.

    One thing that might help is to NOT select a DC for the reset.  The DC you are selecting is probably not replicating.  Let Windows choose a DC for you.

    You must run diagnostics on your network to find out what is happening.  Contact you network administrator to do this.  If you do not have a trined network administrator then please contact a consultant or your vendor.


    ¯\_(ツ)_/¯


    • Edited by jrv Saturday, April 12, 2014 12:32 PM
    • Marked as answer by Raja Y Sunday, April 13, 2014 11:50 AM
    Saturday, April 12, 2014 12:28 PM

All replies

  • It is not a scripting problem.  YOu need to fix your replication.   AN unlock is supposed to replicate immediately.  It it doesn't something is broken.

    Writing a script will not fix the problem.


    ¯\_(ツ)_/¯

    Saturday, April 12, 2014 9:06 AM
  • we have remote site users are facing problems.

    Our L1 agents will unlock User ID in Primary site, replication taking time to replicate to remote DC.

    So need a script to unlock USer ID in all Dcs


    Raj

    Saturday, April 12, 2014 9:58 AM
  •  You may have to modify default intra-site domain controller replication interval across Domain forest.


    Nag Pal MCTS/MCITP (SQL Server 2005/2008) :: Please Mark Answer/vote if it is helpful ::

    Saturday, April 12, 2014 12:13 PM
  • we have remote site users are facing problems.

    Our L1 agents will unlock User ID in Primary site, replication taking time to replicate to remote DC.

    So need a script to unlock USer ID in all Dcs


    Raj

    Replication of unlocks is faster than you can  do it in script.  It is pushed immediately.  It does not wait fro replication. If thisis not happening then you need to find the problem and fix it.

    You need to fix your problem.  A script will not fix it.

    IF you insist on doing it manually then just run the script one time for each DC.

    If you still do not know what to do you must contact a consultant or your network vendor and have them assist you with this.   We are not a custom solution provider or a free script writing forum.  Doing this would keep you from fixing a problem which could lead to other bad things.  Please take the time to take the correct technical steps.

    One thing that might help is to NOT select a DC for the reset.  The DC you are selecting is probably not replicating.  Let Windows choose a DC for you.

    You must run diagnostics on your network to find out what is happening.  Contact you network administrator to do this.  If you do not have a trined network administrator then please contact a consultant or your vendor.


    ¯\_(ツ)_/¯


    • Edited by jrv Saturday, April 12, 2014 12:32 PM
    • Marked as answer by Raja Y Sunday, April 13, 2014 11:50 AM
    Saturday, April 12, 2014 12:28 PM
  • Hi Raj,

    I know this is a really old post but I have a related question.  My problem isn't with it not replicating our problem is with about 15 people around the world.  When they reset their password in the office or remotely, it is locking out on their computer but not the way you are thinking.

    I've been doing IT support for over 20 years.  This isn't the thing where they forget to change their password on a mobile device or a cached website.  I have gone through everything on the computer after the less experienced agents have gone through it.  There appears to be nothing cached but yet it still locks out but not 5 failed attempts in 20 seconds, the normal "Forgot to clear something".  For these end users it is 1 failed attempt between 111 seconds and 3 minutes.  The only thing that has fixed it was to re-image the computer.

    It only happens in Windows 10, none of them have Windows 7.

    For one of the end users that we already re-imaged her computer 2 times.  To give us more time to troubleshoot her computer we wanted to automatically unlock her account every 5 minutes.  I've been manually doing it with the Account Lockout tool so I can pinpoint the two DCs that are locking but I was trying to use Powershell to do this for me.

    But as for the main problem, if you can think of something I'm not thinking of that could be locking it, please let me know.  I was thinking it may be a service running under her name.  I hadn't found one but I'm still trying.  She has been very patient and cooperative but the last two times due to the Quarter closing we had to rush and force the reimage.

    Thank you,

    Kevin


    Helpful nice guy

    Tuesday, December 3, 2019 6:17 PM
  • Hi Raj,

    I know this is a really old post but I have a related question.  My problem isn't with it not replicating our problem is with about 15 people around the world.  When they reset their password in the office or remotely, it is locking out on their computer but not the way you are thinking.

    I've been doing IT support for over 20 years.  This isn't the thing where they forget to change their password on a mobile device or a cached website.  I have gone through everything on the computer after the less experienced agents have gone through it.  There appears to be nothing cached but yet it still locks out but not 5 failed attempts in 20 seconds, the normal "Forgot to clear something".  For these end users it is 1 failed attempt between 111 seconds and 3 minutes.  The only thing that has fixed it was to re-image the computer.

    It only happens in Windows 10, none of them have Windows 7.

    For one of the end users that we already re-imaged her computer 2 times.  To give us more time to troubleshoot her computer we wanted to automatically unlock her account every 5 minutes.  I've been manually doing it with the Account Lockout tool so I can pinpoint the two DCs that are locking but I was trying to use Powershell to do this for me.

    But as for the main problem, if you can think of something I'm not thinking of that could be locking it, please let me know.  I was thinking it may be a service running under her name.  I hadn't found one but I'm still trying.  She has been very patient and cooperative but the last two times due to the Quarter closing we had to rush and force the reimage.

    Thank you,

    Kevin


    Helpful nice guy

    Your issue is not appropriate for this forum.  Post in the Directory Services forum for assistance with AD issues.

    Please do not reactivate closed threads with unrelated questions.


    \_(ツ)_/

    Tuesday, December 3, 2019 6:25 PM