Link to home
Start Free TrialLog in
Avatar of fatihdi
fatihdi

asked on

Locking out a user in windows how to find,

An application is locking out a user like almost each and every day from a commputer, we think that probably an application is trying to login with a user and a wrong password and after 5 times policy in active directory is locking out the user from the computer. I am saying with a wrong password it is trying to login because this started happening after a password reset of a user. Is there a way to track down which application is causing this and how can we find that application and prevent this from happening... look to hear from you asap thank you very much
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image
Try to use LockoutStatus and eventcombMT from AL Tools from Microsoft. It would help find lockout user account (DC, event logs in central point)

http://www.microsoft.com/downloads/en/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en
Avatar of ChiefIT
ChiefIT
Flag of United States of America image
Should be some failed logon attempts in the security event logs. I believe these will give the computer and possibly the application that's got you bound up.

Also on the client's computer, maybe you have a saved password in "managed passwords". Go to the client's control pannel>>Users>>advanced>>managed passwords and remove those.
Avatar of fatihdi
fatihdi

ASKER

@chiefIT , there is no Users in control panel in windows 2000's control panel. where should i look for managed passwords? for your first paraghraph in your comment i did not get what am i supposed to as well? how can i see security event logs ?
cp.JPG
Avatar of fatihdi
fatihdi

ASKER

@iSiek , Thank you for giving the link but the problem is I am not concerned about which account is locked it is always the same. but the thing is I want to find the application that is locking the account,causing it to be locked out !!
ASKER CERTIFIED SOLUTION
Avatar of Krzysztof Pytko
Krzysztof Pytko
Flag of Poland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ChiefIT
ChiefIT
Flag of United States of America image
On a windows 2000 machine, there are no managed passwords... I didn't realize we are looking at a Win2000 client.

Avatar of ChiefIT
ChiefIT
Flag of United States of America image
OK, so after a password change, you might be logged on elsewhere "remotely" using the old password. This immediately locks you out. Looks like iSiek has a way to track this down.