Solved

I keep getting locked out!

Posted on 2004-04-21
12
1,003 Views
Last Modified: 2010-04-13
Surely some of you admins have seen this...anyone have an answer?

I'm in a W2k AD.
Seems like every time I change my password, I go through about 2 weeks of having it lock on me for no apparent reason.
I'll be navigating thru my servers and all of a sudden get the "attempt to compromise security" message, or simpy a message that my account is locked out.

I'm sure the reason is that somewhere among the 140+ servers I support, I locked the remote console instead of logging out (or at least partially sure).

a) any way around this
b) any way of determining if my account is logged on elsewhere?

TIA
0
Comment
Question by:sirbounty
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
  • +1
12 Comments
 
LVL 7

Assisted Solution

by:magus123
magus123 earned 75 total points
ID: 10879547
i am sure you caon probably do some auditing policy are something of that nature.
your delima represents a security issue , permission issue , request issue etc.
you should have a policy in place to track logon requests , user and group manamagment etc
forthe admin account

i would setup up a audit that tracks all deny logon requests for the network.

have you checked  AD to see if no one else has the same power as you

etc....
0
 
LVL 1

Assisted Solution

by:ninpokai
ninpokai earned 75 total points
ID: 10880909
Not sure if this is the same problem as what I had.  For some reason after I changed my password i would, periodically, throughout the day get locked out.  I would have to get back in and unlock my account and then a couple of hours later I got locked out again.  I simply took my workstation back to a workgroup and rejoined the domain and it's been fine since...not sure why it worked or why it happened...let me know how it does.

Nin
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10883018
>magus123 - I think I'd have to set up this policy across the enterprise - wouldn't I?  Not something I'm prepared to do.
Also, it's not like I've tried logging in with the wrong password - I am logged on for an hour or more before the 'weirdness' kicks in...

>ninpokai - Hmm - almost sounded like this would be on the right track, but I've experienced this problem through about 4 rebuilds now (over a year or longer) - so I don't think that'd do it...If no other suggestions, I may still give it a shot though.. Thanx.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 7

Expert Comment

by:magus123
ID: 10886312
i would not use audting or tracking on  very large enterprise , as it would slow down traffic and
cause behaviors , its only ment for samller local intranets. i would wait for someone that has
more experience to post .

have looked on ms support for known lockout issues in AD
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10888608
Strange thing is - it's happening with both of my accounts.
I have an 'admin' account and a 'user' account.  I change the password on both at the same time, so they'll stay in synch.
I know I wouldn't have used my user account elsewhere...it's only used to get into my email - and I was in there fine and working when it locked on me... :(
0
 
LVL 1

Expert Comment

by:ninpokai
ID: 10888635
have you logged out of the domain and back in...??? Just curious if you user profile is corrupted for some reason...
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 100 total points
ID: 10890295
I actually saw this thread yesterday, and gave it some thought..  Nothing really came to mind so I thought I would just wait for a brilliant answer to your problem...  :)

This probably does not apply to your situation, but..

http://support.microsoft.com/?kbid=275508

What about using a 15 char password (if you are not already..)  Take the LM hash out of the mix..  You could even use a null char (a) to string it out..   Know I am grasping here, but what the heck..
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10893620
straws are okay with me - I'll check that option on Monday FE.
Yes, I've rebooted and logged out several times...seems to happen every time I've changed my password
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10908907
FE - it may be Thursday or the following Monday b4 I can test this...I've got a ton of server upgrades this week, so I'll be WAH...
I'll keep you posted though - thanx.
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10927314
Looks like, as suspected, I had locked a @# server console somewhere...a peer stumbled across it last night...
Thanx for the help though - I'm sure this will help someone. :D
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10928063
With that many servers, I suspect it is not hard to do..!!!  Since I only maintain 5 servers, and I have done the same thing, I have no room to say a word..!!!    :)  

0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10928102
BTW:  thankQ SB...  Wish we could have helped more though..  :)
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
If you need to forecast numbers -- typically for finance -- the Windows and Mac versions of Excel 2016 have a basket of tools to get the job done.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question