Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

Troubleshooting
Research
Professional Opinions
Ask a Question
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

troubleshooting Question

Is there an easy way to get notified of an invalid login attempt in Active Directory?

Avatar of fedsig
fedsigFlag for United States of America asked on
Windows Server 2003Active Directory
10 Comments1 Solution621 ViewsLast Modified:
I have a service account that gets locked out approximately 1-2 times a week.  I am wondering if there is a way to be notified as soon as an invalid login attempt is made for a specific user account.  The invalid attempt is most likely occurring within a specific AD site (which hosts only 1 domain controller).

Once the account is locked out, I have been running the account lockout tool to see where and when the last invalid attempt is made (it's always the same DC).  But I would like to be notified as soon as the attempt is made.  Is there a way to do this without an expensive tool?  I have the Messenger service disabled at the domain level, so Windows pop-ups aren't really an option.  Thanks for your help.
ASKER CERTIFIED SOLUTION
Avatar of Don
DonFlag of United States of America imageNetwork Administrator

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Commented:
This problem has been solved!
Unlock 1 Answer and 10 Comments.
See Answers