The referenced account is currently locked out and may not be logged on to

Table of Contents

Case #

When trying to login to a Windows account, either a local or domain Windows Server account, you incorrectly provide the password multiple times and eventually the account gets locked. You receive the following message.

The referenced account is currently locked out and may not be logged on to.

This article provides an easy way to unlock the user account and thus allow you to login without issues.

Solution #

Navigate to the Active Directory server or any management server which has the Remote Server Administration Tools (RSAT) installed and the Powershell Active Directory module imported. If the Powershell Active Directory module is not imported, import it by running the below command.

import-module ActiveDirectory

Run the following command in an elevated Powershell terminal.

Get-AdUser [user samaccountname] -properties sAMAccountName,Enabled,LockedOut

If the user is locked out you should see the relevant property set to True. Now execute the following command.

Unlock-ADAccount [user sAMAccountName]

Your user “lockedout” property should now be unlocked and ready to be used for logon.

An alternative method would be to make use of the Active Directory Users and Computers MMC snapin (dsa.msc) or the Windows Admin Center interface to issue a command to unlock the Active Directory user account object. This can also be done when resetting a user’s account password from the DSA.MSC console.

Powered by BetterDocs