WinAdm.psm1
|
Function Get-ADLockedUser { <# .SYNOPSIS Get the locked status of one or all users from Active Directory. .DESCRIPTION This function gets the locked status of one domain user or of all domain users from the Active Directory. .EXAMPLE Get-ADLockedUser SamAccountName Name -------------- ---- SMAN Spider Man IMAN Iron Man UMAN Unknow Man .EXAMPLE Get-ADLockedUser -Logon JBOND UserPrincipalName LockedOut ----------------- --------- JBOND@yourdomain.net False .EXAMPLE Get-ADLockedUser -Logon JBOND -InformationLevel Detailed UserPrincipalName Name Enabled LockedOut ----------------- ---- ------- --------- JBOND@yourdomain.net James Bond True False .EXAMPLE Get-ADLockedUser -Logon JBOND -InformationLevel Quiet False .PARAMETER Logon The SamAccountName of some user. .PARAMETER InformationLevel You can use 'Detailed' to add or 'Quiet' to reduce the amount of information of this user. .LINK https://github.com/brunobritorj .NOTES Author: Bruno B Silva - brunobritorj@outlook.com #> [CmdletBinding()] Param ( [Parameter(Mandatory=$false,Position=0,ValueFromPipeline=$true)] [string]$Logon, [Parameter(Mandatory=$false,Position=0,ValueFromPipeline=$false)] [ValidateSet('Detailed','Quiet')] [String]$InformationLevel ) Process { If (!(Get-Module -ListAvailable -Name ActiveDirectory)) { Write-Error 'ActiveDirectory PowerShell module is required.' -Category NotInstalled } ElseIf ($Logon) { $User = Get-ADUser $Logon -Properties LockedOut Switch ($InformationLevel) { Detailed { Return $User | Select-Object UserPrincipalName, Name, Enabled, LockedOut} Quiet { Return $User.LockedOut } Default { Return $User | Select-Object UserPrincipalName, LockedOut } } } Else { Search-ADAccount -LockedOut | Select SamAccountName, Name } } } |