How to generate and export locked out users report

The following is a comparison between obtaining a locked out users report with Windows PowerShell and ADManager Plus.

Windows PowerShell

Steps to obtain locked-out users report using PowerShell:

  • Identify the domain from which you want to retrieve the report.
  • Identify the LDAP attributes you need to fetch the report.
  • Identify the primary DC to retrieve the report.
  • Compile the script.
  • Execute it in Windows PowerShell.
  • The report will be exported in the given format.
  • To obtain the report in a different format, modify the script accordingly to the needs of the user.

Sample Windows PowerShell script:

Import-Module ActiveDirectory
Search-ADAccount –LockedOut |
Select-Object -Property Name,DistinguishedName |
Export-CSV C:\Scripts\LockedOutADUsers.csv
-NoTypeInformation -Encoding UTF8
Click to copy entire script

ADManager Plus

To obtain the report,

  • Select Locked-out Users from the User Reports. 
  • Select Domain and OU. Click Generate. 
  • Select Export as to export the report in any of the preferred formats (CSV, PDF, HTML, CSVDE and XLSX).


A screenshot of ADManager Plus with a report of all the locked out users

» Start 30-day Free Trial

Following are the limitations to obtain report of locked out user accounts using native tools like Windows PowerShell:

  • We can run this script only from the computers which has Active Directory Domain Services role.
  • Difficult to export in other formats.
  • Applying filters like OU or name will increase the complexity.

ADManager Plus has an in-built feature to fetch the Locked-out Users in User Reports section. 

Email Download Link