Get-LockedOutLocation

  This function will locate the computer that processed a failed user logon attempt which caused the user account to become locked out.  The locked out location is found by querying the PDC Emulator for locked out events (4740).   

 
 
 
 
 
4.4 Star
(49)
53,781 times
Add to favorites
Active Directory
3/20/2013
E-mail Twitter del.icio.us Digg Facebook
  • Location is blank
    2 Posts | Last post February 04, 2020
    • Took me a few tries to run the script. I had to run it with elevated credentials and I had to run the command to temporarily allow it because it wasn't digitally signed.
      
      Once I got it running I analyzed the two accounts that were frequently locked out. It pulled up a lot of hits being locked out on the DC.
      
      And the locked out location for both users is blank.
      
      Anything I can do?
    • Thanks for the script.
      My locked out location for both users is blank too.
      Any ideas?
  • Is There anyway I can run thescript only for particular DC?
    1 Posts | Last post June 08, 2018
    • Hi Jason,
      
      This Script looksup for all DCs in domain and finds out the lockout location.
      
      Is there anyway I can run only for particular domain controllers like 2 or 3 Instead of running in 12 DCs in my enterprise environment.
  • Run with PowerShell and it just opens and closes
    1 Posts | Last post January 10, 2018
    • When I run it with PowerShell, it just opens up and closes right away. :(
  • HostName missing from error messages and Domain Controllers are not listed alphabetical order.
    1 Posts | Last post September 11, 2017
    • Very useful script - thank you.
      
      Code like:
              Catch
              {
                 Write-Warning $_
                 Break
              }
      does not show the hostname that had the error.
      
      Changed the code at line 64 from
         'Write-Warning $_'
      to 'Write-Warning "$_ HostName=$($DC.HostName)."'
      
      Changed the code at line 91 from
         'Write-Warning $_'
      to 'Write-Warning "$_ HostName=$($PDCEmulator.HostName)."'
      
      (I left the code at line 42 alone.)
      
      Domain Controllers are not listed alphabetical order.
      Changed the code at line 50 from
         '$DomainControllers = Get-ADDomainController -Filter *'
      to '$DomainControllers = Get-ADDomainController -Filter * | Sort-Object HostName'
      
      Once again, thank you.
  • Right Click .ps1 "Run with PowerShell" closes PowerShell Session regardless
    2 Posts | Last post June 15, 2017
    • So, I have a .ps1 with this function and then the following underneath it:
      
      ###START ###
      Clear-Host
      
      ## GET USERNAME ##
      Do {$username = Read-Host 'Please enter the Username of the Locked Out Account'
      
        ## VALIDATE USERNAME ##
          $validate = Get-Aduser -LDAPFilter "(SamAccountName=$username)"
          if ($validate -eq $null) {
            Write-Host 'Invalid Username'
            }
          } #end of 'Do'
      until ($validate -ne $null)
      
      ## GET LOCKED OUT INFORMATION ##
      Get-LockedOutLocation -Identity $username
      
      ### FINISH ###
      
      
      Now, if i call the script through an existing open powershell session or through ISE, no problems at all, i get the output fine.
      However, If I right click on the .ps1 in windows explorer and choose "Run with PowerShell", the script runs, you see if query the DC's and just as its gives the ouput, the powershell window closes.
      I have tried everything to keep the window open, like adding in another line such as:
      
      Read-Host -prompt 'Press ENTER to Continue'
      
      but to no avail, no matter what I put in there, it ignores it all and just closes the powershell window as soon as its given the output from Get-LockedOutLocation.
      
      Any idea's???
      Ideally I want our service desk to simply be able to right click the script and run it using powershell.
    • Try renaming the .ps1 to .psm1. Import it using "Import-Module C:\scripts\Get-Lockedoutlocation.psm1" and then try using Get-Lockedoutlocation -Identity $username.
  • Begginer
    2 Posts | Last post May 19, 2017
    • OK So I keep seeing that this is a very helpful script but I just cannot seem to get it running properly. I've downloaded the script, sent it to my Domain Controller, and placed it on the desktop of my user account. When I right-click on the script and choose "Run with Powershell" I get nothing, just a PS screen that loads and goes away really fast. I've tried searching "How to run a Powershell script" but even then I cannot seem to find anything that will get this specific script to run. I really need it. Can someone walk me through on how to run this script?
      
      Also, when I open Powershell the first thing I see on the window is: 
      PS F:\>
      
      What does the "Greater than" symbol mean here after the slash(\)?
    • Hi there, germgerm!
      
      So first of all: the PS [X]:> is the path you're currently on. You'll see the same thing in cmd, for example. In your case you're in the root folder of the F drive. When I open PowerShell it defaults to C:\Users\[myUsername]>
      
      Secondly - I might be wrong, but the script here is "packaged" within a function. So when you "run with Powershell" you just import the function, but then don't do anything with it. Try opening the Powershell ISE and just copy-paste everything from the ps1 file into the white part of ISE, then hit F5. Afterwards, in the console window in ISE type "Get-LockedOutLocation -identity [username_you_want_to_check]"
      
      Cheers!
  • Hurrah..It worked like a charm..
    1 Posts | Last post April 20, 2017
    • HI Jason,
      
      This is really a wonderful script, helped a lot in critical situations.
      
      Is there a way we can edit to search for lockout location only in particular domain controller, rather than searching all domain controllers in the environment.
  • script not working
    2 Posts | Last post March 02, 2017
    • Hi,  I am trying to run this script. I have tried a multiple of combinations on the command line in powershell.
      . .\Get-LockedOutLocation.ps1
      .\Get-LockedOutLocation -Identity kentc
      
      or 
      . .\Get-LockedOutLocation.ps1
      .\Get-LockedOutLocation -user clark.kent
      
      There seems to be no output/error.  Can you help please
    • Hey Tommy,
      
      Thanks for using the script.  This question is answered in the comments but it looks like you are not dot sourcing the script.
      
      C:\PS>. .\Get-LockedOutLocation.ps1
      
      C:\PS>Get-LockedOutlocation -Identity User1
      
      Notice the first line in the example there is a space between the two dots.  And once you have successfully dot sourced the script you should be able to tab complete the function and the parameters.
  • The script does not work in our environment as-is, required changes
    1 Posts | Last post December 31, 2016
    • First, I had to remove -Error Stop and change to -Error Continue because we have some offline DCs.
      
      
      Finally got the output I needed, but I gave up trying to make it look pretty, just stuck a lot of Write-Host statements in the nested IF and FOR loops.
  • Where I can see the result of the command
    1 Posts | Last post March 17, 2016
    • Dears,
      
      I execute the command in My Master Operation server and running without error, but I don´t know were I can see the result of this command.
      
      Where I can see the computer that block my account ?
1 - 10 of 31 Items