I have the following code which gives me the value of the user's UserAccountControl AD property:
$samId = "someUserName"
$directorySearcher = New-Object System.DirectoryServices.DirectorySearcher
$directorySearcher.PageSize = 100
$directorySearcher.SearchScope = [System.DirectoryServices.SearchScope]::Subtree
$directorySearcher.Filter = "(&(objectClass=user)(|(sAMAccountName=$samId)))"
$result = $directorySearcher.FindOne()
$uac = $result.Properties["useraccountcontrol"]
Write-Host $uac #output is 512
I have locked out this user in AD by inputting their password incorrectly 3 times.
Before I locked out the user the $uac variable was 512.
However after locking out the user, $uac still equals 512, whereas it should be equal to 528.
I have set other attributes and can see that these are updated within a few mins, so I don't think it has anything to do with AD replication as I have already waited about 30 mins.
