I found my AD account being locked continuously when I had an enforced password change. This was because I had many disconnected (but not logged off) RDP sessions on many test servers across the network. So with the help of this PowerShell module, I wrote a script to detect which sessions were left open so I could manually log off.

Import-Module PSTerminalServices

$username = 'AndrewPotts'
$servers = @("serverA","serverB")

foreach ($server in $servers)
{
 Write-Host -NoNewLine $server
 
 try
 {
  $loggedOn = $False
  
  Get-TSSession -ComputerName $server | ForEach-Object { 
   if ($_.Username -eq $username) { $loggedOn = $True }
  }
  
  
  if ($loggedOn -eq $True)
  {
   Write-Host -ForegroundColor Yellow ' Logged on'
  }
  else
  {
   Write-Host
  }
 }
 catch [System.Exception]
 {
  Write-Host -ForegroundColor Red ' $_.Exception.Message'
 }
}