How to determine if a local account is locked?


Hi,

 

Within minutes of searching, I was able to find the script below which determines if an Active Directory account is locked:

 

Get-ADUser myaccount -Properties LockedOut | Select-Object LockedOut

 

However, after almost 1.5 hours of searching, I can't find a script that will tell me if a local account is locked!

 

Does anyone have a script for that?

 

5 Replies

Locked has a different meaning in AD, compared to Azure AD (where it basically means "blocked"). So depending on which one you're after, check either the lockoutTime attribute or the relevant "bit" of the UserAccountControl attribute: https://support.microsoft.com/en-ca/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-acc...

You can use the win32_userAccount WMI class to do a remote query on a computer hosting the local account you want to get the lockOut status of:

get-wmiObject -class win32_userAccount -computerName <remote-computer> | where-object {$_.name -like 'localAcc1*'} | select-object -property status, lockOut, SID, disabled

@Vasil Michev 

 

Thanks. I am using Windows Enterprise Server and not Azure. 

 


@Animesh Joshi 

 

Thanks.

 

I tried the below on the server but it just hangs. PDB0V is the server name and SSRS is a local account on that server.

 

get-wmiObject -class win32_userAccount -computerName PDB0V| where-object {$_.name -like '*SSRS*'} | select-object -property status, lockOut, SID, disabled*

Do you get any warnings/error messages?
Any reason you've added an asterisk '*' after the disabled property?
Have you tried putting the FQDN of the server PDB0V?
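
The Win32_UserAccount query suggested in this thread, as an added example that is not part of any post above: it uses Get-CimInstance in place of Get-WmiObject and filters on LocalAccount and Name server-side, because an unfiltered query on a domain-joined machine also enumerates domain accounts, which can be slow. The function name Get-LocalAccountLockout and its parameters are hypothetical; SSRS and PDB0V are the names used in the thread, and the remote call assumes WinRM is enabled on the target.

```powershell
# Added example, not from the thread. Function and parameter names are hypothetical.
function Get-LocalAccountLockout {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$AccountName,                       # exact local account name, e.g. 'SSRS'

        [string]$ComputerName = $env:COMPUTERNAME,  # defaults to the local machine

        [ValidateRange(1, 300)]
        [int]$TimeoutSec = 15                       # fail instead of hanging indefinitely
    )

    # WQL string literals are single-quoted; escape backslashes first, then quotes,
    # so the account name cannot alter the filter expression.
    $safeName = $AccountName -replace '\\', '\\' -replace "'", "\'"

    # Server-side filter: only local accounts with this exact name are returned.
    $filter = "LocalAccount=True AND Name='$safeName'"

    $params = @{
        ClassName           = 'Win32_UserAccount'
        Filter              = $filter
        OperationTimeoutSec = $TimeoutSec
        ErrorAction         = 'Stop'
    }

    # Passing -ComputerName switches Get-CimInstance to WinRM, even for the local
    # host, so add it only when a different machine is requested.
    if ($ComputerName -ne $env:COMPUTERNAME) {
        $params.ComputerName = $ComputerName
    }

    $account = Get-CimInstance @params
    if (-not $account) {
        Write-Warning "No local account named '$AccountName' found on $ComputerName"
        return
    }

    # Lockout and Disabled are separate flags: an account can be one, both or neither.
    $account | Select-Object Name, Domain, SID, Status, Lockout, Disabled
}

# Names taken from the thread: local account SSRS on server PDB0V.
Get-LocalAccountLockout -AccountName 'SSRS' -ComputerName 'PDB0V'
```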