It often happens that a user forgets his/her password and instead of asking theDomain Administrator to reset the password, they attempt to login by using the trial and error method. This results in the lock out of their account because of which a user cannot login again, (even with a valid password). An account can also get locked due to synchronization problems between the domain and other systems. Furthermore, accounts can be locked by the system or network administrator when an employee is on leave and unlocked on their return, (for security reasons to prevent misuses by another employee).
Note: Administrators can also use this method, to lock accounts of employees for covering up security loopholes. Accounts can not just be locked for employees on vacation, but also for incoming employees who might not have joined as yet, but their accounts might have been created, (e.g. on the request of the Human Resource department). The same procedure can be used to lock or unlock accounts in a Windows Server 2003 Domain.
Step 1: Go to Active Directory Users and Computers from the start menu (Start –> Administrator Tools –> Active Directory Users And Computers).
Step 2: From here go to the respective OU (Organizational Unit), a specificGroup or to Users and access user Properties by right clicking on the username (as shown below).
Step 3: Then select the Account tab and uncheck the Unlock Accountcheckbox. Click Apply, OK to finish. Alternatively, you can check the Unlock Account checkbox to lock an account manually.
