This script lets you see lockout events for a user from the domain controller on which the event(s) occurred. It accepts the user’s distinguished name as input, enumerates the list of domain controllers, then finds the LockoutTime on each domain controller. It then calculates the time +/- 2 seconds, and queries the DC event log…
Tag: Lockout
Get User Lockout Status with PowerShell
Get-UserLockoutStatus.ps1 is an interactive script to get the lockout status of a selected user or all users in a specified domain. It queries each domain controller for non-replicated attributes using a workflow with an inline script for speed. It requires the ActiveDirectory Module.