• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 711
  • Last Modified:

Account keeps locking out

we have an account that is continually getting locked out.  Is there any way we can find out where it is getting locked out from?  I looked in security on the DC and both don't show any failed login attempts...  Any utilities out there that can show incoming authentication attempts?
0
TCrockett
Asked:
TCrockett
1 Solution
 
JohnGerhardtCommented:
0
 
Joseph DalyCommented:
Ok here is where I would start. Download the Account Lockout tools from microsoft.
http://www.microsoft.com/downloads/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

Youll want to run the LockoutStatus.exe on the account that is getting the frequent lockouts. This should return the domain controller where the account was locked out and also the time. If you have multiple DC's its possible one of the other ones is locking the account and you cant see it.

Once you have the lockout time and location then you can check the event logs on that domain controller to for failed events.
0
 
TCrockettAuthor Commented:
Here is what it shows, It shows that the lockout is coming from itself???:

Target Account Name:      avhadmin
       Target Account ID:      xxx\admin
       Caller Machine Name:      xxx-DC1
       Caller User Name:      xxx-DC1$
       Caller Domain:      xxxx
       Caller Logon ID:      (0x0,0x3E7)
0

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now