Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Getting locked out my domain account every 15 to 30 minutes

Posted on 2009-04-06
7
Medium Priority
?
1,678 Views
Last Modified: 2013-11-30
since i changed my password i have been getting locked out of my domain account.  How can I quickly find out what server and what server is causing me to get locked out?
0
Comment
Question by:Steve Samson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24080062
Review the security event logs on the domain controller.  You should be able to see logon failures logged and it should show the offending machine.

It's probalby a server service that is using the old logon password.
0
 
LVL 31

Expert Comment

by:Justin Owens
ID: 24080080
Along the lines of xuserx2000's comments.....

As a general rule of thumb, it is better to have service accounts (local or domain) to run services and scheduled tasks.  If your account is consistently getting locked out every 30 minutes or hour, it could also be a scheduled task in addition to a Windows service.
0
 

Author Comment

by:Steve Samson
ID: 24080454
Senario:  I work for a large company as a DBA, Our network admin doesn't allow us to have the SQLservice account password, so when we do un upgrade or patch we have to use our login to gain access tempararaly to network resources, then we notify her of the service that needs the logon reassigned.  the problem is as stupid as i ws a did not write the server down that was updated upto 4 months ago. so now i am left with as much as a 15 minute window to research what server it was.  

All I know is at .25 cents a password change i will be reinvesting in our economy at a rate equal to the federal government!  :(
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 31

Expert Comment

by:Justin Owens
ID: 24080489
LOL!  Your system Admin should be able to audit your DC to determine the bad password's origination.  Once that is discovered, it should be a relatively simple thing to log into that server and change the security settings.  Still, it may cost more than $.25. :)
0
 

Author Comment

by:Steve Samson
ID: 24080554
DrUltima,  You would think so, but the admins don't like to share information with us, I know how to check it, (having been an admin in the past) its that I dont have admin access to look at the dc logs.  so its social engineer or hack, so lets just say that SE is not a solution when dealing with drones.


0
 
LVL 31

Accepted Solution

by:
Justin Owens earned 2000 total points
ID: 24080795
Hrm...  I have been a SysAd for about 14 years.  If I told a user that I wouldn't audit my DC to get them the info they would needed, I REALLY hope my boss would write my butt up, because that is a primary function of a SysAd: support the users!  I cannot imagine a scenario where a SysAd shouldn't provide that info for you.  That said, you know your environment better than me.  I just cannot stand people like that.

I don't know what to tell you other than go through the trial and error process if you cannot get an AD audit or get your SysAd to change the Event Log's read properties to allow you to access them.  I don't really feel comfortable on submitting here how to hack AD security on a DC to get the info you need... ;-)

Sounds like you are in a Black Hole. :(
0
 
LVL 25

Expert Comment

by:Ron Malmstead
ID: 24080814
agree with DrUltima.

You have a problem, and the sys admin's should be at least helpoing to get it fixed for you.  Especially since you do not have access to fix it yourself.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
In this modest contribution, I want to share with the IT community (especially system administrators, IT Support Engineers and IT Help Desks) about Windows crashes/hangs and how to deal with these particular problems.
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question