Backup/_NDGOV_WindowsTeam/ITD.Infra-ActiveDirectory.Object/Public/Unlock-ITDADAccount.ps1

<#
.Synopsis
   Unlock any Active Directory Account
.DESCRIPTION
   Unlock any Active Directory Account, verify information
.EXAMPLE
   Unlock-ITDADAccount -Identity username1
.EXAMPLE
   Unlock-ITDADAccount -Identity username1, username2, username3
.EXAMPLE
   Unlock-ITDADAccount -Identity username1 -Credential $PSCredential
.INPUTS
   Inputs to this cmdlet (if any)
.OUTPUTS
   Output from this cmdlet (if any)
.NOTES
   General notes
.COMPONENT
   The component this cmdlet belongs to
.ROLE
   The role this cmdlet belongs to
.FUNCTIONALITY
   The functionality that best describes this cmdlet
#>
function Unlock-ITDADAccount
{
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory=$true)]
        [string[]]
        $Identity,

        [PSCredential]
        $Credential
    )

    Begin
    {
        Write-Verbose "Validate credentials, stop script if invalid."
        If($Credential -eq "" -or $Credential -eq $null)
        {
            $Credential = Get-Credential -Message "Enter domain/OU administrator credentials.  User name must be entered as a SAMAccountName (DOMAIN\username) or as a User Principal Name (username@domain.com)" -UserName $Credential
            If($Credential -eq "" -or $Credential -eq $null)
            {
                Write-Warning "credentials missing - stopping script"
                break
            }
            If((Test-ADCredential -Credential $Credential -ErrorAction Stop) -eq $false)
            {
                Write-Warning "Invalid credentials or locked account."
                break
            }
        }

        .3
        Import-Module ActiveDirectory
    }
    Process
    {
        ForEach ($i in $Identity)
        {
            $before = Get-ADUser -Identity $i -Properties SamAccountName,PasswordLastSet,lastLogonDate,Enabled,LockedOut | Select-Object SamAccountName,PasswordLastSet,lastLogonDate,Enabled,LockedOut
            $SamAccountName = $before.SamAccountName
            If($before.LockedOut -eq $false)
            {
                Write-Warning "[$SamAccountName]:Before:$before"
            }
            Else
            {
                Unlock-ADAccount -Identity $i -Credential $Credential
                $after = Get-ADUser -Identity $i -Properties SamAccountName,PasswordLastSet,lastLogonDate,Enabled,LockedOut | Select-Object SamAccountName,PasswordLastSet,lastLogonDate,Enabled,LockedOut
                Write-Warning "[$SamAccountName]:After:$after"
            }
        }
    }
    End
    {
    }
}