Phone Live Chat
US: +1 888 720 9500
US: +1 800 443 6694
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9393

Unlock User

Unlock User API

This API can be used to unlock any user account in Active Directory.

Request URL (JSON) format: http://<hostname>:<port>/RestAPI/UnlockUser

Request parameters:

Parameter Name Is Mandatory Description
PRODUCT_NAME Yes Product name / module name from which the request is being sent; will be needed for auditing.
AuthToken Yes Authentication token obtained using the Generate AuthToken API.
domainName Yes Domain name of the user accounts.
inputFormat Yes Details of each user account to be unlocked. This attribute should be a JSONArray string and must be in format mentioned below.
[<JSONObject>, <JSONObject>,
JSONObject - key/value pair of ldap
attributes and the values
Sample code in java:
JSONArray userDetails = new
JSONObject json = new JSONObject();
json.put("sAMAccountName", "John");
json = new JSONObject();
json.put("sAMAccountName", "Mat");


You can specify any of the following attributes as search criteria to locate user objects using REST API requests:

  1. sAMAccountName
  2. UserPrincipalName
  3. distinguishedName
  4. mail
  5. employeeID
  6. objectGUID
  7. objectSid


The response will be a JSONArray string which contains the list of JSONObjects. Each JSONObject in the list represents a user account sent in the inputFormat parameter in the request. Each object will contain the following properties.

Parameter Name Description
userPrincipalName userPrincipalName of the user.
sAMAccountName sAMAccountName of the user.
objectSID objectSID of the user.
statusMessage Contains the appropriate message if an issues/error occurs while processing the request.

Sample Input / Output




[{"userPrincipalName":"colin.altonen@admanagerplus.COM","sAMAccountName":"colin.alton en","objectSID":"S-1-5-21-2996321955-1937665885-1535019402-3712","objectGUID":"{B6EB C9F3-703E-43F4-BAF9-FC785E34099D}","distinguishedName":"CN=colin.altonen,OU=test,D C=admanagerplus,DC=COM","statusMessage":"Successfully modified."}]

Technician-based unlock users limit

The total number of user accounts that technicians can unlock in a day using the UnlockUser API depends on the total number of licensed help desk technicians (HDTs).

The maximum number of API calls that an HDT can make is 50/day, irrespective of the tasks that the HDT performs. If you have two HDT licenses, the total number of API calls that you can make is 100/day, that is 2*50.

As the per day API call limit is not task-specific, you can perform any operation but the total number of API calls should not exceed 100. That is, an HDTcan perform a variety of operations like user creation, OU creation, password reset, etc., but the number of API calls for all the tasks put together should not exceed 100.


  • The default admin account will not be considered as a help desk technician.
  • Ensure that you URL encode all the special and reserved characters used in REST API requests. Since the client sending the request (browser, postman or TP tools) does not fall under ADManager Plus, encoding the URL for special, reserved and unsafe characters is solely the users' responsibility.

    Reserved characters include ; / ? : @ = &
    Unsafe characters include < > # % { } | \ ^ ~ [ ] ` "'

ADManager Plus Trusted By

The one-stop solution to Active Directory Management and Reporting
Email Download Link