What is AD Unlock?

AD Unlock is an enterprise platform that enables employees to unlock their Active Directory accounts and reset passwords through WhatsApp, without requiring IT support tickets.

The Problem

Password-related issues account for 40-60% of IT helpdesk tickets. These simple operations consume valuable IT resources and create friction for employees, especially outside business hours.

Common scenarios:

Employee locked out of account after vacation
Password expired on a weekend
New employee can’t remember initial password
Mobile user locked out while traveling

The Solution

AD Unlock provides a secure, self-service channel through WhatsApp:


Employee: "My account is locked"
AD Unlock: "I found your account. Let me verify your identity."
AD Unlock: "I sent a 6-digit code to your email. Please enter it."
Employee: "847291"
AD Unlock: "Verified! Your account has been unlocked. You can log in now."

Key Benefits

Benefit	Impact
Reduce helpdesk tickets	40-60% of password tickets automated
24/7 availability	Self-service outside business hours
Faster resolution	Seconds instead of minutes/hours
User-friendly	No apps to install, uses existing WhatsApp
Secure	MFA, risk scoring, complete audit trail
Compliance ready	SOC2-ready audit logs

What AD Unlock Does

Account Unlock - Unlock AD accounts locked due to failed login attempts
Password Reset - Reset forgotten passwords with secure email delivery
Risk Assessment - Evaluate each request for suspicious activity
Policy Enforcement - Apply rules based on user groups, time, location
Audit Logging - Complete trail of all actions for compliance

What AD Unlock Does NOT Do

Does not access or read existing passwords
Does not send passwords via WhatsApp (email only)
Does not execute arbitrary commands
Does not bypass your security policies
Does not require changes to AD schema

How It’s Different

Feature	Traditional Self-Service	AD Unlock
Channel	Web portal	WhatsApp (already installed)
Availability	During office hours	24/7
User training	Required	None (natural language)
MFA	Usually separate system	Built-in (email OTP)
Risk scoring	Rarely	Every request
Deployment	On-premises	Cloud + lightweight connector

Architecture at a Glance


┌─────────────────────────────────────────────────────────────┐
│                     YOUR NETWORK                             │
│   ┌─────────────┐                   ┌───────────────────┐   │
│   │   Active    │◄─── LDAPS ───────►│   AD Connector    │   │
│   │  Directory  │                   │   (your server)   │   │
│   └─────────────┘                   └─────────┬─────────┘   │
│                                               │ Outbound    │
│                                               ▼ WSS         │
└───────────────────────────────────────────────┼─────────────┘
                                                │
┌───────────────────────────────────────────────┼─────────────┐
│                  AD UNLOCK CLOUD              ▼             │
│   ┌─────────────┐    ┌─────────────┐    ┌───────────────┐  │
│   │  WhatsApp   │───►│    API      │◄───│   Gateway     │  │
│   └─────────────┘    └─────────────┘    └───────────────┘  │
└─────────────────────────────────────────────────────────────┘

Next Steps

How It Works →5-Minute Tour →Requirements →