Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # taken from http://www.alexwinner.com/articles/powershell/111-lockoutaccountsad.html
- function checkIfLocked($sAMAccountName){
- # sAMAccountName of the user
- # $sAMAccountName = "User-0"
- $ADS_UF_LOCKOUT = 16
- $Attribute = "msds-user-account-control-computed"
- $ADSearcher = New-Object System.DirectoryServices.DirectorySearcher
- $ADSearcher.PageSize = 1000
- $ADSearcher.Filter = "samaccountname=$sAMAccountName"
- $User = $ADSearcher.FindOne()
- # Use DirectoryEntry and RefreshCache method
- $MyUser = $User.GetDirectoryEntry()
- $MyUser.RefreshCache($Attribute)
- # Return the value of msds-user-account-control-computed
- $UserAccountFlag = $MyUser.Properties[$Attribute].Value
- if ( $UserAccountFlag -band $ADS_UF_LOCKOUT ) {
- Write-host "Account $sAMAccountName is locked"
- } else {
- Write-host "Account $sAMAccountName is NOT locked"
- }
- }
Add Comment
Please, Sign In to add comment
