MacOS – Upon trying to login to an Active Directory, I am alerted with a window saying the account has expired. How to enable it

active-directoryadministratordirectory-utilitymacospassword

Upon trying to login to an all domains in Directory Utility, I am alerted with a window saying the account has expired. How can I re-enable it or fix this problem another way? I am able to unlock it with my administrator password, but it will not work for all domains.

Best Answer

You would need to use an app that connects to AD (ldap app of some sort) or remote into your domain controller using screen sharing or PowerShell to unlock the account.

Even a tool Apple Enterprise Connect or Nomad (https://nomad.menu) where the tool calls to the Active Directory only serves to change an existing account password and doesn’t have hooks to unlock a different account when you log in as a domain administrator account.