We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you a podcast all about Citrix Workspace, moving to the cloud, and analytics & intelligence. Episode 2 coming soon!Listen Now


Annoying Workstation lockout

Yiper72 asked
Medium Priority
Last Modified: 2007-12-29
We have 8 (Most running windows xp pro, others using 2000 pro) workstations that are running using Windows 2003 Server as our domain server, everyday at 4:30 pm all our workstations are locked out of the server for about an hour, then we can log back in and finish whatever we were doing. I'm not sure where to check for a setting that can be doing this. Could it be when a backup has been scheduled? Please advise on where to start looking.
Watch Question

Top Expert 2005
During this "lockout" can you ping the server by both IP and name?

Does this "lockout" stop users from accessing shares, prevent access to the internet, stop serving DNS, stop new users from logging in, stop DHCP addresses from being obtained??

If you can narrow down what exactly is being impacted, then we may be able to start you off in the correct direction.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


I will check the items you asked about and respond -- Thanks for the starting point
Top Expert 2005

Do you have a Logon time exclusion in AD users and computers.
Right click the user-properties-account tab
click logon hours button...

Weird that this would happen at 4:30. Are you a new admin for this domain? Maybe there is a reason for this. I would think if this happens to everyone then it is a group policy setting. Do you know how to look into this? Look on MS.Com for Group Policy Management Console (http://www.google.com/url?sa=t&ct=res&cd=1&url=http%3A%2F%2Fwww.microsoft.com%2Fdownloads%2Fdetails.aspx%3Ffamilyid%3D0a6d4c24-8cbd-4b35-9272-dd3cbfc81887&ei=ViugRsSaN4KceZq5qewB&usg=AFQjCNHisukQxKKThoyHGdXoUsBH2JfeUw&sig2=YXdMg9d00TFzOFaLMJyCfQ)
Install thin and you will see all the policies on your domain, if you have the rights too, and this will show you what is setup. It is very nice since the policies are very big and tedious to look through every single configuration option.

Hope that helps,

I had an issue similar to this. There were broken group policy objects that caused strange things such as the inability to login to the system.
One option is to backup the group policies that you want to save, run the gpotool to reset all group policies, then restore the ones that you need. That would reset any "broken" gpo's that might be hanging out there.


I found out that they had multiple issues that needed my attention while I was there. I found out when I got there that I was hired for an hour to get as many things done as possible. I did not get time to troubleshoot the logoff issue but I did notice that the workstations were able to ping the server by ip, but not by name.  I also notice some dns issues in the event viewer. It sounds like the owners brother will be fixing the rest of the problems that I identified.  Thanks to all for your input!


What we found while trying to ping the server by ip and by name was that the ip address would resolve but the name would not. After looking at the dns settings we found that the dns name ended in .com rather than the .local that all the workstations were pointing to. Once we changed that dns setting everything worked and many of there problems cleared. Thanks
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.