Solved

User Account Automatically locks out in AD on Windows 2003 server

Posted on 2009-07-16
7
585 Views
Last Modified: 2012-05-07
User Account Automatically locks out in AD on Windows 2003 server. This has happened a couple of times. Is there any diagnostics or Fault finding that can be done ?
Can we ascertain whic Pc Is using that user account to log on etc...
Is there any thing that one can do to stop it and to go the bottome of the problem.

thx
adam
0
Comment
Question by:adam_kan2000
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 7

Accepted Solution

by:
kumarnirmal earned 125 total points
Comment Utility
Hi,

This issue might be cause the activity of conflicker worm on your network , you can identified the machines causing account lock from the failure logs on the security logs.

Apply KB958644 & KB890830 and the restart the computer then run "c:\windows\system32\mrt.exe /F:Y to remove conflicker worm.
0
 
LVL 5

Expert Comment

by:ncomper
Comment Utility
Does this happen when logging into different machines?

Also is the account set to  expire at any point?
0
 
LVL 7

Expert Comment

by:kumarnirmal
Comment Utility
the account lock out is happening for a particular user or randomly the accounts get locked ?
 
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 

Author Comment

by:adam_kan2000
Comment Utility
It is only happening for one user and there is not a lot in the security logs ?
0
 
LVL 4

Assisted Solution

by:DarrenJL
DarrenJL earned 125 total points
Comment Utility
It does sound a lot like the Conficker worm (http://support.microsoft.com/kb/962007) but it could also be something else.

We use a proxy server to protect our users from the web and occasionally this locks certain users out. One user (Web development) uses Safari as one of their web browsers and that tries multiple times to connect to the web through the proxy server, after the 10th attempt it locks the users account and requires a member of IT to unlock it again.

Our Proxy server is connected via LDAP to our AD infrastructure.

Darren
0
 

Author Comment

by:adam_kan2000
Comment Utility
Is there any diagnostics work that can be done on the AD

Thx
Adam
0
 
LVL 4

Expert Comment

by:DarrenJL
Comment Utility
You can enable advanced ldownloading the Account Lockout and Management Tools

http://www.microsoft.com/downloads/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

Darren
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Learn about cloud computing and its benefits for small business owners.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now