Function Reference

_AD_IsObjectLocked

Returns 1 if the object (user account, computer account) is locked.

#Include <AD.au3>
_AD_IsObjectLocked([$sObject = @Username])

 

Parameters

$sObject Optional: Object to check (default = @Username). Can be specified as Fully Qualified Domain Name (FQDN) or sAMAccountName

 

Return Value

Success: 1, Specified object is locked, sets @error to:
    x - number of minutes till the account is unlocked. -1 means the account has to be unlocked manually by an admin
Failure: 0, sets @error to:
    0 - $sObject is not locked
    1 - $sObject could not be found

 

Remarks

A $ sign must be appended to the computer name to create a correct sAMAccountName e.g. @ComputerName & "$"
LockoutTime contains the timestamp when the object was locked. This value is not reset until the user/computer logs on again.
LockoutTime could be > 0 even when the lockout already has expired.

 

Related

_AD_GetObjectsLocked, _AD_UnlockObject

 

See Also

http://www.pcreview.co.uk/forums/thread-1350048.php, http://www.rlmueller.net/IsUserLocked.htm, http://technet.microsoft.com/en-us/library/cc780271%28WS.10%29.aspx

 

Example


#AutoIt3Wrapper_AU3Check_Parameters= -d -w 1 -w 2 -w 3 -w 4 -w 5 -w 6
#AutoIt3Wrapper_AU3Check_Stop_OnWarning=Y
#include <AD.au3>

; Open Connection to the Active Directory
_AD_Open()
If @error Then Exit MsgBox(16, "Active Directory Example Skript", "Function _AD_Open encountered a problem. @error = " & @error & ", @extended = " & @extended)

; *****************************************************************************
; Example 1
; Checks if the account for the current user is locked.
; *****************************************************************************
If _AD_IsObjectLocked() Then
    MsgBox(64, "Active Directory Functions", "User account '" & @UserName & "' is locked")
Else
    MsgBox(64, "Active Directory Functions", "User account '" & @UserName & "' is not locked")
EndIf

; *****************************************************************************
; Example 2
; Get a list of locked accounts and checks the first entry
; *****************************************************************************
Global $aLocked = _AD_GetObjectsLocked()

If $aLocked[0] > 0 Then
    Global $sUser = _AD_FQDNToSamAccountName($aLocked[1])
    If _AD_IsObjectLocked($sUser) Then
        MsgBox(64, "Active Directory Functions", "User account '" & $sUser & "' is locked")
    Else
        MsgBox(64, "Active Directory Functions", "User account '" & $sUser & "' is not locked")
    EndIf
Else
    MsgBox(64, "Active Directory Functions", "No locked users accounts found")
EndIf

; Close Connection to the Active Directory
_AD_Close()