PowerShell Basics: How To Unlock A User In Active Directory via PowerShell
Published Sep 19 2019 12:01 AM 20.1K Views

Everyone makes mistakes. Sometimes end users forget their passwords and lock themselves out of their Active Directory access. Administrators can unlock these accounts via the Windows GUI, but what if there was a quicker way.  The PowerShell Active Directory module can save administrators time in governing end users and can also provide automation if required.  This example will highlight how to unlock an end user account in minimal steps via PowerShell and the Active Directory module.  Let's get started.


    1. Open PowerShell in Administrative mode
      Run PowerShellRun PowerShell
    2. Run the following command to install the Active Directory module:
      Install-Module ActiveDirectory

      Or confirm the module is loaded using the following command:

      Get-Module ActiveDirectory

    3. With the Active Directory PowerShell module now installed, run the following command to display and confirm that the user is locked out:
      Get-ADUser -Identity 'ENTER USER NAME HERE' -Properties LockedOut | Select-Object Name,Lockedout

    4. Run the following command to unlock the user account:
      Unlock-ADAccount -Identity 'ENTER USER NAME HERE' 

    5. Run the following command again to confimr that the user's account has been unlocked:
      Get-ADUser -Identity 'ENTER USER NAME HERE' -Properties LockedOut | Select-Object Name,Lockedout


Version history
Last update:
‎Apr 27 2021 07:31 AM
Updated by: