How to unlock AD User account using vRO

Scenario

Imagine you got a locked AD account and you don’t have access to Active Directory or don’t have rights to unlock your account but luckily have access to vRO or your colleague has access to the same vRO where your account’s AD is connected or maybe you just want to check and unlock an AD user account programmatically in your use-case (for eg. some service accounts that get locked every time you try to run something), What you should do? Just run a simple vRO script.

Solution

Create action and add input of type AD:User and paste 👇 script & execute it.

// Input AD:User
user.setAttribute('lockoutTime','0');
return user;

Steps

  • Create a new action and copy-paste the above script.
  • Add input User of type AD:User.
  • Save the action and Run it.
  • Select the user that you want to unlock and Click Run.

The action should execute successfully and your locked account is unlocked now.

Other attributes

  • Never expire account: user.setAttribute("accountExpires", NewDate);
  • Never expire password: user.setAttribute("userAccountControl", 66048);
  • Set email address: user.setAttribute("mail", strEmail);

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s