UserLock PowerShell
Manage and automate UserLock through PowerShell commands and scripts. PowerShell gives administrators full control over UserLock configuration and reporting, enabling scripted automation and advanced integrations.
UserLock PowerShell provides a command-line interface for administrators who prefer scripting to GUI management.
It allows bulk operations, scheduled automation, and custom data queries against UserLock.
Already used for Windows Server and Exchange administration, PowerShell is a familiar tool for IT professionals.
UserLock PowerShell supports the same principles — cmdlets can be executed manually or scheduled to run automatically.
To use UserLock PowerShell, make sure the following prerequisites are met:
✅️ PowerShell 3.0 or later.
Installed by default since Windows Server 2012 and Windows 8.✅️ Execution policy.
Must be set toRemoteSigned(or less restrictive) on the computer running scripts.✅️ UserLock installation.
The Userlock service must be installed on the machine running the scripts.
UserLock PowerShell is automatically installed with the UserLock Windows Console.
To start it:
Open the UserLock Console.
Click the PowerShell prompt icon in the toolbar.
Note
The console loads with the UserLock module pre-imported and connected to the currently selected server. No additional configuration is required.
Each cmdlet accepts an optional UserLockServerName parameter that defines which UserLock server executes the command.
If specified, the command runs on the indicated server, and the variables
$UserLockServerNameand$UserLockServerare updated accordingly.If omitted, the cmdlet uses the current server stored in
$UserLockServerName.
Get-UserLockProtectedAccountEffective -UserLockServerName 'ULSRV2' -Name 'MyUsr'
You can also change the $UserLockServerName variable manually before running a command.
$UserLockServerName = 'ULSRV3'
Get-UserLockProtectedAccountUserLock PowerShell offers several ways to access help — online documentation and contextual assistance directly within PowerShell.
The complete online documentation for UserLock PowerShell is available here:
👉️ UserLock PowerShell cmdlet reference
Each cmdlet has its own dedicated page describing:
Its syntax
Parameters and accepted values
Examples
Related cmdlets and use cases
To display all available UserLock PowerShell cmdlets directly from the console:
Get-UserLockCommandThis command lists every UserLock-specific cmdlet loaded in the current session, with their names and brief descriptions.
Use PowerShell’s built-in Get-Help to view detailed information about a cmdlet:
Get-Help <UserLock_Cmdlet_Name>
The following examples demonstrate common administrative automations that can be achieved with PowerShell.
These can be run manually or scheduled through Windows Task Scheduler.
Get-UserLockReportedComputer -OnlyWorkstation |
where {($_.SessionCount -eq 0) -and ($_.Available)} |
Stop-UserLockComputer -ForceGet-UserLockAgentDistribution |
where {($_.IsServer -eq 'Workstation') -and ($_.AgentType -eq 'Desktop') -and ($_.AgentStatus -eq 'NotInstalled') -and ($_.LastCheckStatus -eq 0)} |
Install-UserLockAgent -ForceGet-UserLockAgentDistribution |
where {($_.AgentStatus -eq 'installing') -and ($_.IsServer -eq 'workstation')} |
Restart-UserLockComputer -ForceGet-UserLockInteractiveSession |
Send-UserLockPopup -Title 'IT Maintenance' -Message 'The File server is currently restarting. It will be available in 5 minutes.' -ForceSet-UserLockProtectedAccount -Name * -Type user -Property DisplayWelcomeMessage -Value true -ForceGet-UserLockOrphanedInteractiveSession | Reset-UserLockSession -ForceGet-UserLockReportedUser | ForEach-Object {
$name = $PSItem.Name
Write-Host "Resetting MFA key for $name"
$UserLockServer.ResetMFAKey($name)
}Download the script and follow the included instructions:
https://cdn.isdecisions.com/Download/userlock/NewUserLockProtectedAccountSettings.zip