Solved

Getting locked out my domain account every 15 to 30 minutes

Posted on 2009-04-06
7
1,670 Views
Last Modified: 2013-11-30
since i changed my password i have been getting locked out of my domain account.  How can I quickly find out what server and what server is causing me to get locked out?
0
Comment
Question by:Steve Samson
  • 3
  • 2
  • 2
7 Comments
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24080062
Review the security event logs on the domain controller.  You should be able to see logon failures logged and it should show the offending machine.

It's probalby a server service that is using the old logon password.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24080080
Along the lines of xuserx2000's comments.....

As a general rule of thumb, it is better to have service accounts (local or domain) to run services and scheduled tasks.  If your account is consistently getting locked out every 30 minutes or hour, it could also be a scheduled task in addition to a Windows service.
0
 

Author Comment

by:Steve Samson
ID: 24080454
Senario:  I work for a large company as a DBA, Our network admin doesn't allow us to have the SQLservice account password, so when we do un upgrade or patch we have to use our login to gain access tempararaly to network resources, then we notify her of the service that needs the logon reassigned.  the problem is as stupid as i ws a did not write the server down that was updated upto 4 months ago. so now i am left with as much as a 15 minute window to research what server it was.  

All I know is at .25 cents a password change i will be reinvesting in our economy at a rate equal to the federal government!  :(
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 31

Expert Comment

by:Justin Owens
ID: 24080489
LOL!  Your system Admin should be able to audit your DC to determine the bad password's origination.  Once that is discovered, it should be a relatively simple thing to log into that server and change the security settings.  Still, it may cost more than $.25. :)
0
 

Author Comment

by:Steve Samson
ID: 24080554
DrUltima,  You would think so, but the admins don't like to share information with us, I know how to check it, (having been an admin in the past) its that I dont have admin access to look at the dc logs.  so its social engineer or hack, so lets just say that SE is not a solution when dealing with drones.


0
 
LVL 31

Accepted Solution

by:
Justin Owens earned 500 total points
ID: 24080795
Hrm...  I have been a SysAd for about 14 years.  If I told a user that I wouldn't audit my DC to get them the info they would needed, I REALLY hope my boss would write my butt up, because that is a primary function of a SysAd: support the users!  I cannot imagine a scenario where a SysAd shouldn't provide that info for you.  That said, you know your environment better than me.  I just cannot stand people like that.

I don't know what to tell you other than go through the trial and error process if you cannot get an AD audit or get your SysAd to change the Event Log's read properties to allow you to access them.  I don't really feel comfortable on submitting here how to hack AD security on a DC to get the info you need... ;-)

Sounds like you are in a Black Hole. :(
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24080814
agree with DrUltima.

You have a problem, and the sys admin's should be at least helpoing to get it fixed for you.  Especially since you do not have access to fix it yourself.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question