Solved

Account keeps locking out

Posted on 2008-10-28
3
705 Views
Last Modified: 2013-12-24
we have an account that is continually getting locked out.  Is there any way we can find out where it is getting locked out from?  I looked in security on the DC and both don't show any failed login attempts...  Any utilities out there that can show incoming authentication attempts?
0
Comment
Question by:TCrockett
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 17

Expert Comment

by:JohnGerhardt
ID: 22823728
0
 
LVL 35

Accepted Solution

by:
Joseph Daly earned 250 total points
ID: 22823819
Ok here is where I would start. Download the Account Lockout tools from microsoft.
http://www.microsoft.com/downloads/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

Youll want to run the LockoutStatus.exe on the account that is getting the frequent lockouts. This should return the domain controller where the account was locked out and also the time. If you have multiple DC's its possible one of the other ones is locking the account and you cant see it.

Once you have the lockout time and location then you can check the event logs on that domain controller to for failed events.
0
 

Author Comment

by:TCrockett
ID: 22828121
Here is what it shows, It shows that the lockout is coming from itself???:

Target Account Name:      avhadmin
       Target Account ID:      xxx\admin
       Caller Machine Name:      xxx-DC1
       Caller User Name:      xxx-DC1$
       Caller Domain:      xxxx
       Caller Logon ID:      (0x0,0x3E7)
0

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Application integration into Active Directory 3 33
Concat multiple records into one line 3 40
DC with error SChannel ID 36888 3 40
Export AD group members. 1 22
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question