I keep getting locked out!

Surely some of you admins have seen this...anyone have an answer?

I'm in a W2k AD.
Seems like every time I change my password, I go through about 2 weeks of having it lock on me for no apparent reason.
I'll be navigating thru my servers and all of a sudden get the "attempt to compromise security" message, or simpy a message that my account is locked out.

I'm sure the reason is that somewhere among the 140+ servers I support, I locked the remote console instead of logging out (or at least partially sure).

a) any way around this
b) any way of determining if my account is logged on elsewhere?

TIA
LVL 67
sirbountyAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
Fatal_ExceptionConnect With a Mentor Commented:
I actually saw this thread yesterday, and gave it some thought..  Nothing really came to mind so I thought I would just wait for a brilliant answer to your problem...  :)

This probably does not apply to your situation, but..

http://support.microsoft.com/?kbid=275508

What about using a 15 char password (if you are not already..)  Take the LM hash out of the mix..  You could even use a null char (a) to string it out..   Know I am grasping here, but what the heck..
0
 
magus123Connect With a Mentor Commented:
i am sure you caon probably do some auditing policy are something of that nature.
your delima represents a security issue , permission issue , request issue etc.
you should have a policy in place to track logon requests , user and group manamagment etc
forthe admin account

i would setup up a audit that tracks all deny logon requests for the network.

have you checked  AD to see if no one else has the same power as you

etc....
0
 
ninpokaiConnect With a Mentor Commented:
Not sure if this is the same problem as what I had.  For some reason after I changed my password i would, periodically, throughout the day get locked out.  I would have to get back in and unlock my account and then a couple of hours later I got locked out again.  I simply took my workstation back to a workgroup and rejoined the domain and it's been fine since...not sure why it worked or why it happened...let me know how it does.

Nin
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
sirbountyAuthor Commented:
>magus123 - I think I'd have to set up this policy across the enterprise - wouldn't I?  Not something I'm prepared to do.
Also, it's not like I've tried logging in with the wrong password - I am logged on for an hour or more before the 'weirdness' kicks in...

>ninpokai - Hmm - almost sounded like this would be on the right track, but I've experienced this problem through about 4 rebuilds now (over a year or longer) - so I don't think that'd do it...If no other suggestions, I may still give it a shot though.. Thanx.
0
 
magus123Commented:
i would not use audting or tracking on  very large enterprise , as it would slow down traffic and
cause behaviors , its only ment for samller local intranets. i would wait for someone that has
more experience to post .

have looked on ms support for known lockout issues in AD
0
 
sirbountyAuthor Commented:
Strange thing is - it's happening with both of my accounts.
I have an 'admin' account and a 'user' account.  I change the password on both at the same time, so they'll stay in synch.
I know I wouldn't have used my user account elsewhere...it's only used to get into my email - and I was in there fine and working when it locked on me... :(
0
 
ninpokaiCommented:
have you logged out of the domain and back in...??? Just curious if you user profile is corrupted for some reason...
0
 
sirbountyAuthor Commented:
straws are okay with me - I'll check that option on Monday FE.
Yes, I've rebooted and logged out several times...seems to happen every time I've changed my password
0
 
sirbountyAuthor Commented:
FE - it may be Thursday or the following Monday b4 I can test this...I've got a ton of server upgrades this week, so I'll be WAH...
I'll keep you posted though - thanx.
0
 
sirbountyAuthor Commented:
Looks like, as suspected, I had locked a @# server console somewhere...a peer stumbled across it last night...
Thanx for the help though - I'm sure this will help someone. :D
0
 
Fatal_ExceptionCommented:
With that many servers, I suspect it is not hard to do..!!!  Since I only maintain 5 servers, and I have done the same thing, I have no room to say a word..!!!    :)  

0
 
Fatal_ExceptionCommented:
BTW:  thankQ SB...  Wish we could have helped more though..  :)
0
All Courses

From novice to tech pro — start learning today.