I need to detect if a user has locked their account (by typing an incorrect password x times).
Is anyone else reporting on this?
Question
Detecting status of Local account - Is it locked?
+19
+15Check out this post: https://kevinbecker.org/blog/2015/09/17/unlock-an-active-directory-account-using-mac-os-x-directory-utility
My org doesn't have the lockoutTime attribute, but you might have it. If you do, then you could create an extension attribute that pulls that value. Use grep or awk to narrow down the exact value you need.
/usr/bin/dscl . -read /Users/$userNameHere | grep lockoutTimeEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.