Introducing ADAudit Plus' Attack Surface Analyzer—Detect 25+ AD attacks and identify risky Azure configurations. Learn more×
 
Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

How to find locked out accounts in
Active Directory

Start your free trial

If you are a sysadmin working in an Active Directory (AD) environment, you might have to resolve account lockouts on a daily basis. If so, having a list of all locked out user accounts in one place would be convenient. Here are two methods to get a list of locked out accounts in AD.

PowerShell script to find locked out accounts:

  1. Click Start, search for Windows PowerShell, right-click on it, and select Run as administrator.
  2. Install PowerShell Active Directory module by running the following script:

Install-WindowsFeature RSAT-AD-PowerShell

How to find locked out accounts in Active Directory
  1. This installation can be verified by running the following script:

Get-WindowsFeature -Name RSAT-AD-PowerShell

How to find locked out accounts in Active Directory
  1. Type the following script to find locked out user accounts:

Search-ADAccount -LockedOut | FT Name,ObjectClass -A

  1. Press Enter.

This script displays a list of locked out user accounts.

How to find locked out accounts in Active Directory

This method will display locked user accounts, but it will not provide the reason for the lockout, nor details about the locked out device.

Finding locked out users using ManageEngine ADAudit Plus

  1. Download and install ADAudit Plus.
  2. Find the steps to configure auditing on your domain controller here.
  3. Open the console and navigate to Reports → Active Directory → User Management → Account Lockout Analyzer.

This will show you a detailed list of locked out accounts along with their graphical representation.

How to find locked out accounts in Active Directory

Click on the items under the Analyzer Details column to see the possible reasons behind each account lockout.

How to find locked out accounts in Active Directory

Click here to see how ADAudit Plus helps to track the source of account lockouts.

ADAudit Plus' Account Lockout Analyzer tool enables you to track account lockouts and resolve them faster.

 

ADAudit Plus Trusted By