Tuesday, January 27, 2009

Net User Command for Unlocking the Disabled AD Domain accounts

it has been 6 day since our network was hit by W32.Downadup.B

this is a very NASTY virus it disables all the accounts in Active directory (AD)

It was becoming pain in the neck enablink all 70 accounts one by one from console. the accounts gets disabled even before I reached the halfway mark. it was frustrating. 

then i  remembered that there is a command  to handel AD  related tasks, and with the same we can enable the locked accounts.

so i searched the net and got this command

NET USER Domain\login name /Domain /ACTIVE:YES

but this command was not working... did lot of combinations but still it didnt work... all the resources i could find on the net they were leading to this command only.

Then finally after reading at Microsoft site the detailed help regarding this command i got the solution....

The Correct command is:

NET USER User /Domain /ACTIVE:YES

eg if user is "ABC" an domain is "mydomain.com"  then the command becomes

NET USER abc /mydomain /ACTIVE:YES

I created a batch file of all the users login name and then had it scheduled to run every 1 minute from 3 servers ( this command can be run from any mahine in domain provided you have administrator equal login rights)

I am still trying to get solution to remove this virus from my Network.. will post my results when ever i am successfull in doing so...

have a nice day.

Recent Posts

IMA ADPCM CODEC 80000Khz 4Bit MONO Format for Phone Systems

Today I had a challenging task of setting up Auto Attendant on a Panasonic phone system. We required to record a Greeting message and upload...