Phone Live Chat
US: +1 888 720 9500
US: +1 800 443 6694
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9393

AD Management

How to unlock locked-out accounts in AD without PowerShell

In Active Directory (AD), a user account lockout occurs if the wrong password is entered several times within a certain interval of time. Usually, the account is locked by the domain controller for several minutes, during which the user cannot log in to the AD domain. After the amount of time configured in the account lockout policy passes, the user account is automatically unlocked. The purpose of setting up a user account lockout policy in AD is to prevent hackers or malicious insiders from gaining access to users’ accounts by guessing the credentials.

While account lockouts are generally attributed to brute-force attacks, there are other reasons why a lockout could happen:

  • If replication fails between DCs
  • If obsolete credentials are stored in the cache of applications or Terminal Services sessions
  • If a user logs in to multiple devices at the same time and the password is changed on one of them

Here are a few ways ManageEngine ADManager Plus will help you manage AD users with locked-out accounts.

Step 1: Identify locked-out accounts in AD

Step 1: Identify the locked-out accounts

The first thing you want to do is identify the user accounts that have been locked out. ADManager Plus offers a built-in report containing the list of locked-out users in any specific domain or OU. This report can be exported in multiple formats, or you can schedule the report to be periodically sent to your inbox. The dashboard on the homepage of the tool will also show you the number of locked-out user accounts.

Step 2: Unlock the user accounts in bulk

Once the locked-out users in AD have been identified, the next step is to unlock the accounts. ADManager Plus’ bulk user management capability gives you the flexibility to unlock the accounts of multiple users in a desired domain or OU with the help of a CSV file. You can even configure the tool to identify the locked-out users and unlock them all automatically.

Step 2: Unlock the user accounts in bulk
Step 2: Unlock the user accounts in bulk

Step 3: Delegate, yet stay in control

Step 3: Delegate, yet stay in control

The instant reports on locked-out accounts in AD and bulk AD account unlock operations certainly simplify the lives of IT administrators. In addition to those features, ADManager Plus also facilitates delegation of IT requests to other IT or non-IT users. With the help of audit reports, technicians’ actions can be monitored to prevent any unauthorized activity.


Interested in our AD account unlock tool?

  • Please enter a business email id
    By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.


Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here

Other features

Active Directory Management

Make your everyday Active Directory management tasks easy and light with ADManager Plus's AD Management features. Create, modify and delete users in a few clicks!

Active Directory Reports

A catalog of almost every report that you will need from your Active Directory! Comprehensive and Reliable reporting. Schedule reports to run periodically. Manage your AD right from within the reports.

Active Directory Delegation

Unload some of your workload without losing your hold. Secure & non-invasive helpdesk delegation and management from ADManager Plus! Delegate powers for technician on specific tasks in specific OUs.

Microsoft Exchange Management

Create and manage Exchange mailboxes and configure mailbox rights using ADManager Plus's Exchange Management system. Now with support for Microsoft Exchange 2010!!

Active Directory Cleanup

Get rid of the inactive, obsolete and unwanted objects in your Active Directory to make it more secure and efficient...assisted by ADManager Plus's AD Cleanup capabilities.

Active Directory Automation

A complete automation of AD critical tasks such as user provisioning, inactive-user clean up etc. Also lets you sequence and execute follow-up tasks and blends with workflow to offer a brilliant controlled-automation.

Need Features? Tell Us
If you want to see additional features implemented in ADManager Plus, we would love to hear. Click here to continue

ADManager Plus Trusted By

The one-stop solution to Active Directory Management and Reporting