locked
Active Directory user account is locked RRS feed

  • Question

  • User-625206357 posted

    the directoryentry object with wrong password locks the user account and not able to log in again. pls anyone help me. 

    Tuesday, July 27, 2010 7:50 AM

Answers

  • User-126244515 posted

    Well, you need to unlock the account, and I guess from your post that you're not the administrator of the server or network, right? If not, you need to contact the administrator to unlock the account. I'm also guessing that you've been trying more than once with a wrong password, and subsequently the account got locked out. This is part of the policy for the server or network/domain, x number of invalid logon attempts locks out the user account. It may only be locked out for say 30 mins, after which the count is also reset, but you need to contact the administrator to find out.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, July 27, 2010 10:29 AM

All replies

  • User-126244515 posted

    Well, you need to unlock the account, and I guess from your post that you're not the administrator of the server or network, right? If not, you need to contact the administrator to unlock the account. I'm also guessing that you've been trying more than once with a wrong password, and subsequently the account got locked out. This is part of the policy for the server or network/domain, x number of invalid logon attempts locks out the user account. It may only be locked out for say 30 mins, after which the count is also reset, but you need to contact the administrator to find out.

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, July 27, 2010 10:29 AM
  • User-456111751 posted

    As Cartsen suggested, you shud have administrative permission to unlock the account. U can do it from the AD MMC console.

    Code to unlock using C# (System.Directoryservices namespace):

    using System;
    using System.Drawing;
    using System.Collections;
    using System.ComponentModel;
    using System.Windows.Forms;
    using System.Data;
    using System.DirectoryServices; 
    ... 
    
    private void btnDisableUser_Click(object sender, System.EventArgs e)
    {
    string strUserName = "InsertUserNameHere";
    DirectoryEntry usr = new DirectoryEntry("LDAP://dc=InsertDomainHere, dc=COM");
    DirectorySearcher searcher = new DirectorySearcher(usr);
    searcher.Filter = "(SAMAccountName=" + strUserName + ")";
    searcher.CacheResults = false;
    SearchResult result = searcher.FindOne();
    usr = result.GetDirectoryEntry();
    usr.Properties["LockOutTime"].Value = 0x0000;
    usr.CommitChanges();
    } 
    
    


     

    Wednesday, July 28, 2010 6:12 AM