Solved

Getting locked out my domain account every 15 to 30 minutes

Posted on 2009-04-06
7
1,668 Views
Last Modified: 2013-11-30
since i changed my password i have been getting locked out of my domain account.  How can I quickly find out what server and what server is causing me to get locked out?
0
Comment
Question by:Steve Samson
  • 3
  • 2
  • 2
7 Comments
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24080062
Review the security event logs on the domain controller.  You should be able to see logon failures logged and it should show the offending machine.

It's probalby a server service that is using the old logon password.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24080080
Along the lines of xuserx2000's comments.....

As a general rule of thumb, it is better to have service accounts (local or domain) to run services and scheduled tasks.  If your account is consistently getting locked out every 30 minutes or hour, it could also be a scheduled task in addition to a Windows service.
0
 

Author Comment

by:Steve Samson
ID: 24080454
Senario:  I work for a large company as a DBA, Our network admin doesn't allow us to have the SQLservice account password, so when we do un upgrade or patch we have to use our login to gain access tempararaly to network resources, then we notify her of the service that needs the logon reassigned.  the problem is as stupid as i ws a did not write the server down that was updated upto 4 months ago. so now i am left with as much as a 15 minute window to research what server it was.  

All I know is at .25 cents a password change i will be reinvesting in our economy at a rate equal to the federal government!  :(
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 31

Expert Comment

by:Justin Owens
ID: 24080489
LOL!  Your system Admin should be able to audit your DC to determine the bad password's origination.  Once that is discovered, it should be a relatively simple thing to log into that server and change the security settings.  Still, it may cost more than $.25. :)
0
 

Author Comment

by:Steve Samson
ID: 24080554
DrUltima,  You would think so, but the admins don't like to share information with us, I know how to check it, (having been an admin in the past) its that I dont have admin access to look at the dc logs.  so its social engineer or hack, so lets just say that SE is not a solution when dealing with drones.


0
 
LVL 31

Accepted Solution

by:
Justin Owens earned 500 total points
ID: 24080795
Hrm...  I have been a SysAd for about 14 years.  If I told a user that I wouldn't audit my DC to get them the info they would needed, I REALLY hope my boss would write my butt up, because that is a primary function of a SysAd: support the users!  I cannot imagine a scenario where a SysAd shouldn't provide that info for you.  That said, you know your environment better than me.  I just cannot stand people like that.

I don't know what to tell you other than go through the trial and error process if you cannot get an AD audit or get your SysAd to change the Event Log's read properties to allow you to access them.  I don't really feel comfortable on submitting here how to hack AD security on a DC to get the info you need... ;-)

Sounds like you are in a Black Hole. :(
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24080814
agree with DrUltima.

You have a problem, and the sys admin's should be at least helpoing to get it fixed for you.  Especially since you do not have access to fix it yourself.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Access bios on restart 11 54
Problem to file 13 41
PDF to JPG 13 45
Powerline adapter slow Mbps? 38 125
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question