Come and Check our BETA Alpha version of Powershellcenter.net
Send me your comment to Powershell@powershellcenter.com

Synopsis

Unlock a user account in Active Directory. Supported are both Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS).

This cmdlet is part of the Quest ActiveRoles Server product. Use Get-QARSProductInfo to view information about ActiveRoles Server.

Syntax

Unlock-QADUser [-Identity] <IdentityParameter> [-Connection <ArsConnection>] [-ConnectionAccount <string>] [-ConnectionPassword <SecureString>] [-Control <hashtable>] [-Credential <PSCredential>] [-Proxy] [-Service <string>] [-UseGlobalCatalog] [-Confirm] [-WhatIf] [<CommonParameters>]

Detailed Description

Use this cmdlet to unlock a user account that has been locked out due to a number of failed logon attempts. You can unlock user accounts in both Active Directory Domain Services (AD DS) and Active Directory Lightweight Directory Services (AD LDS). The cmdlet has optional parameters that determine the server and the security context for the operation. Normally, the connection parameters could be omitted so far as a connection to a server is established prior to using the cmdlet. In this case, the server and the security context are determined by the Connect-QADService cmdlet. If you do not use Connect-QADService and have no connection established prior to using a cmdlet, then the connection settings, including the server and the security context, are determined by the connection parameters of the first cmdlet you use. Subsequent cmdlets will use those settings by default.

Parameters

-Connection [<ArsConnection>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-ConnectionAccount [<string>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-ConnectionPassword [<SecureString>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-Control [<hashtable>]

Use this parameter to pass request controls (in-controls) to ActiveRoles Server as part of an operation request. In ActiveRoles Server, request controls are used to send extra information along with an operation request, to control how ActiveRoles Server performs the request.

The parameter value is a hash table that defines the names and values of the request controls to be passed to ActiveRoles Server. The parameter syntax is as follows:

-Control @{<name> = <value>; [<name> = <value>] ...}

In this syntax, each of the name-value pairs is the name and the value of a single control. For instructions on how to create and use hash tables, see topic "about_associative_array" or "about_hash_tables" in Windows PowerShell Help. For information about ActiveRoles Server request controls, refer to ActiveRoles Server SDK documentation.

Note that this parameter only has an effect on the operations that are performed through ActiveRoles Server (connection established using the Proxy parameter); otherwise, this parameter causes an error condition in ActiveRoles Management Shell.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-Credential [<PSCredential>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-Identity [<IdentityParameter>]

Specify the DN, SID, GUID, UPN or Domain\Name of the user account you want to unlock.

This parameter is optional since you can pipe into this cmdlet the object returned by the Get-QADUser cmdlet, to have that object identify the user account to act upon.

Required?   true
Position?   1
Default value?  
Accept pipeline input?   true (ByValue)
Accept wildcard characters?   false

-Proxy [<SwitchParameter>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-Service [<string>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-UseGlobalCatalog [<SwitchParameter>]

For parameter description, see help on the Connect-QADService cmdlet.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-Confirm [<SwitchParameter>]

Prompts you for confirmation before executing the command.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

-WhatIf [<SwitchParameter>]

Describes what would happen if you executed the command without actually executing the command.

Required?   false
Position?   named
Default value?  
Accept pipeline input?   false
Accept wildcard characters?   false

Input Type

Return Type

Notes

Examples

EXAMPLE 1

PS> unlock-QADUser 'MyDomain\JSmith'

Description

-----------

Connect to any available domain controller with the credentials of the locally logged on user and unlock the user account identified by Domain\Name.

EXAMPLE 2

PS> unlock-QADUser '<DN of user account>' -Service 'server.domain.local:389'

Description

-----------

Connect to the AD LDS instance on 'server.domain.local:389' with the credentials of the locally logged on user, and unlock the AD LDS user account that is identified by DN.