Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 264
  • Last Modified:

Why do I have user accounts locking out now for no reason

2 weeks ago I migrated my Exchange from 5.5 to 2k3. All went well with the exception of now i have some user accounts that keep locking out for no apparent reason. My policy is 3 unsuccessful attempts locks accounts. I have no clue so I need some help please.
0
Fraser_Admin
Asked:
Fraser_Admin
1 Solution
 
powercramCommented:
Do you have any processes that log on as a user automatically?
0
 
plug1Commented:
They dont have blackberrys or such like that havent had thier passwords updated and are automatically checking mail?
0
 
kadadi_vCommented:
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
Fraser_AdminAuthor Commented:
No processes or BB as for the event ID 529 I have a few of these in the security logs but not pertaining to these particular users. BTW licensing is fine or at least appears that way.
0
 
ChiefITCommented:
What other policies do you have set up?

Did their passwords expire and they were not prompted to change their passwords??
0
 
Fraser_AdminAuthor Commented:
ChiefIT: There is nothing out of the ordinary changed other than the migration. Since that I have had these accounts locking. For example I can unlock a password and have a user attempt logging on, and without making any errors in typing it prompts the user that their account is locked. And it is.
0
 
ChiefITCommented:
It may be the level of protocol you are trying to authenticate with in exchange:
http://support.microsoft.com/kb/820281

Your server may be set up to strictly authenticate using Kerberos. I think there are methods to upgrade the authentication of exchange server services to kerberos only.

You would want to use kerberos as the gross vulnerabilities of NTLMhash is something you don't want.
0
 
ocon827679Commented:
Your users are still logged in somewhere.  Did they just change their password recently?  I would venture to guess that they did and they are either logged in at another workstation that they have forgotten about or have a process or service running under their credentials.  I've had this happen to me on several occasions, and they all told me that they were not logged in anywhere else.  Then we look in other offices/cubes where they sat and there is a WS that looks like its turned off, turn on the monitor and the screen saver is locked with their credentials.  Lesson learned - don't believe anything that a user tells you.
0
 
Fraser_AdminAuthor Commented:
ocon827679
This user does have a second PC and was logged on. I have had him logoff and back on. It should take much longer than an hour to test as I would hear from him every hour. AHHH!
0
 
Fraser_AdminAuthor Commented:
Thanks!! What a relief.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now