Simple way to check if an AD account is locked

I use a lot of service accounts when I develop an application (for DB access, web service access, external api access).

Sometimes (with multiple hands in a project) a service account can become locked.  So a co-worker pointed me to a command to run on the command line to check if an account is locked.  It’s much easier then getting the AD tools installed or even waiting for them to startup (like if you have a big forest).

Just type this command and you will get a bunch of info about the account (like what groups they are in).  The account active will let you know if it locked or not.
Be aware that domain admins can lock this info down so you may not find out if the account is locked out or now.

net user /domain <username>

 

Advertisements

Got something to add?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s