Unlocking AD account - not working from command line

Hi There,

I have access to unlock AD accounts via the “Active Directory Users and Computers” console, however, if I try the same thing from the command line (Unlock-ADAccount) the system shows a “insufficient access rights” error even though I open the PS console with the account having rights to do that AND even enter the same account using the -Credentials parameter.

What’s going on?

Are you running powershell as admin?

Yes, that account has domain admin rights.

To perhaps clarify this, I open the AD console using my domain admin account (Run As) and I can unlock accounts, I open the PS console using the same account, no dice.

Check out this

Also running it with an account that has Domain Admin rights, is not the same thing as running powershell as administrator. Does the powershell bar says “Windows Powershell” or does it say “administrator: Windows powershell” ?

Well my friend, I have to thank you for that link, applying the Hotfix mentioned solved the problem.