Skip to content

Active Directory User Unlock Tool

Quickly find and unlock user accounts, reset passwords and troubleshoot account lockouts

Key Features

  • Find all locked users
  • Quickly unlock accounts
  • Reset passwords
  • Find the source of account lockouts

Features Overview

Find Locked Accounts

With a click of the button, you can display all locked user accounts and quickly unlock them. This tool is the fastest and quickest way to unlock user accounts.

Reset Passwords

Quickly reset the current locked user or search for an account to reset.

Lockout Source

Display detail information about an account such as, source computer, bad password count, bad password time, domain controller and account lockout time.

How Does it Work?

The User unlock tool is very easy to use.

Step 1: Open Tool

Click User-Unlock.bat to open the tool

user-unlock-1
Click to enlarge

Step 2: Click The Find Button

To display all locked users click the find button

Click the find button to display all locked users
Click the find button to display all locked users
user-unlock-3

With all the locked users displayed just select an account and click the unlock button.

Click unlock to unlock a user account
Click unlock to unlock a user account

When you click the unlock button a message will be displayed that the user has been unlocked

Example 2: Troubleshoot Account Lockouts (Find source computer)

To troubleshoot account lockouts just select an account and click the details button.

Find source of account lockout
Find source of account lockout

In the above screenshot, I clicked details for the test.user2 account. This will query the event logs on the domain controller and pull back the lockout event and the source computer of the lockout.

In addition to the source computer, it will display if an account is currently locked out, bad password count, bad password time, domain controller and account lockout time.

This will require rights to view the logs on the domain controller.

Example 3: Quickly Reset Passwords

You can either reset the current locked user or search for a user to reset.

Quickly reset Active Directory account passwords
Quickly reset Active Directory account passwords

Requirments

  • The Microsoft RSAT tools must be installed if running on a remote computer such as Windows 10.
  • The user running this tool will need rights to unlock and reset accounts
  • The details option requires rights to view the logs on domain controllers. This can be delegated to staff rather than providing them domain admin rights.
  • The source computer requires the auditing logs to be enabled on the domain controllers.