?
Solved

I keep getting locked out!

Posted on 2004-04-21
12
Medium Priority
?
1,011 Views
Last Modified: 2010-04-13
Surely some of you admins have seen this...anyone have an answer?

I'm in a W2k AD.
Seems like every time I change my password, I go through about 2 weeks of having it lock on me for no apparent reason.
I'll be navigating thru my servers and all of a sudden get the "attempt to compromise security" message, or simpy a message that my account is locked out.

I'm sure the reason is that somewhere among the 140+ servers I support, I locked the remote console instead of logging out (or at least partially sure).

a) any way around this
b) any way of determining if my account is logged on elsewhere?

TIA
0
Comment
Question by:sirbounty
  • 5
  • 3
  • 2
  • +1
12 Comments
 
LVL 7

Assisted Solution

by:magus123
magus123 earned 300 total points
ID: 10879547
i am sure you caon probably do some auditing policy are something of that nature.
your delima represents a security issue , permission issue , request issue etc.
you should have a policy in place to track logon requests , user and group manamagment etc
forthe admin account

i would setup up a audit that tracks all deny logon requests for the network.

have you checked  AD to see if no one else has the same power as you

etc....
0
 
LVL 1

Assisted Solution

by:ninpokai
ninpokai earned 300 total points
ID: 10880909
Not sure if this is the same problem as what I had.  For some reason after I changed my password i would, periodically, throughout the day get locked out.  I would have to get back in and unlock my account and then a couple of hours later I got locked out again.  I simply took my workstation back to a workgroup and rejoined the domain and it's been fine since...not sure why it worked or why it happened...let me know how it does.

Nin
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10883018
>magus123 - I think I'd have to set up this policy across the enterprise - wouldn't I?  Not something I'm prepared to do.
Also, it's not like I've tried logging in with the wrong password - I am logged on for an hour or more before the 'weirdness' kicks in...

>ninpokai - Hmm - almost sounded like this would be on the right track, but I've experienced this problem through about 4 rebuilds now (over a year or longer) - so I don't think that'd do it...If no other suggestions, I may still give it a shot though.. Thanx.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 7

Expert Comment

by:magus123
ID: 10886312
i would not use audting or tracking on  very large enterprise , as it would slow down traffic and
cause behaviors , its only ment for samller local intranets. i would wait for someone that has
more experience to post .

have looked on ms support for known lockout issues in AD
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10888608
Strange thing is - it's happening with both of my accounts.
I have an 'admin' account and a 'user' account.  I change the password on both at the same time, so they'll stay in synch.
I know I wouldn't have used my user account elsewhere...it's only used to get into my email - and I was in there fine and working when it locked on me... :(
0
 
LVL 1

Expert Comment

by:ninpokai
ID: 10888635
have you logged out of the domain and back in...??? Just curious if you user profile is corrupted for some reason...
0
 
LVL 40

Accepted Solution

by:
Fatal_Exception earned 400 total points
ID: 10890295
I actually saw this thread yesterday, and gave it some thought..  Nothing really came to mind so I thought I would just wait for a brilliant answer to your problem...  :)

This probably does not apply to your situation, but..

http://support.microsoft.com/?kbid=275508

What about using a 15 char password (if you are not already..)  Take the LM hash out of the mix..  You could even use a null char (a) to string it out..   Know I am grasping here, but what the heck..
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10893620
straws are okay with me - I'll check that option on Monday FE.
Yes, I've rebooted and logged out several times...seems to happen every time I've changed my password
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10908907
FE - it may be Thursday or the following Monday b4 I can test this...I've got a ton of server upgrades this week, so I'll be WAH...
I'll keep you posted though - thanx.
0
 
LVL 67

Author Comment

by:sirbounty
ID: 10927314
Looks like, as suspected, I had locked a @# server console somewhere...a peer stumbled across it last night...
Thanx for the help though - I'm sure this will help someone. :D
0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10928063
With that many servers, I suspect it is not hard to do..!!!  Since I only maintain 5 servers, and I have done the same thing, I have no room to say a word..!!!    :)  

0
 
LVL 40

Expert Comment

by:Fatal_Exception
ID: 10928102
BTW:  thankQ SB...  Wish we could have helped more though..  :)
0

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
You can use the network upload option and the Office 365 Import service to bulk-import PST files to user mailboxes. Network upload means that you upload the PST files a temporary storage area in the Microsoft cloud.
Watch the video to know how one can repair corrupt Exchange OST file effortlessly and convert OST emails to MS Outlook PST file format by using Kernel for OST to PST converter tool. It can convert OST to MSG, MBOX, EML to access them. It can migrate…
Watch the video of Kernel Migrator for SharePoint, which demonstrate the process easily of migration from SharePoint to SharePoint, OneDrive for Business & Google Drive servers, Public Folder to SharePoint, File Server to SharePoint. The tool has va…

585 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question