malcatt
asked on
account lockouts
I am current logged into a machine. AD is now 2008 R2. whaen I change my password I now get locked out because I am still logged in somewhere. How do I find out where I am logged into, I've used the Built in event ids in eventcomb and have added 4625 and 4771, it finds pad passwords though I dont have an ip from where it is locking me out. Help! Its driving me nuts. I also use lockoutstatus.exe so I know which dc its authenticating with
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks everyone, have tried all these approaches and still not having much success. With eventcomb I use the built in Account lock out search then I converted all the event IDs to 2008.
Came up with 4768, 4771, 4740 (which you suggested) 4776, and 4625. I have also used the Alockout tools which I have used in the past, still no go, embarassing :)
Looked for services and mapped drives, which are great suggestions because I know lately just for testing that I have tied it for a service though I thought just for testing, then I've taken it back out.
Will continue looking thanks again
Came up with 4768, 4771, 4740 (which you suggested) 4776, and 4625. I have also used the Alockout tools which I have used in the past, still no go, embarassing :)
Looked for services and mapped drives, which are great suggestions because I know lately just for testing that I have tied it for a service though I thought just for testing, then I've taken it back out.
Will continue looking thanks again
http://technet.microsoft.com/en-us/library/cc747507(WS.10).aspx