Solved

Active directory account lock every time

Posted on 2010-11-15
11
829 Views
Last Modified: 2012-06-21
Hi all,

I am on a domain 2003, DC are in standard version and SP2, and i have an issue about one account. This account is lock sometimes whitout (human) logon failure. I search in security logs but nothing i don't find lock log and logon failure.

Can you help me?
0
Comment
Question by:makanzore
11 Comments
 
LVL 3

Expert Comment

by:ketelhuis
ID: 34135062
Did you check all DCs event logs?
0
 

Author Comment

by:makanzore
ID: 34135105
I checked all dc in site
0
 
LVL 6

Expert Comment

by:ipajones
ID: 34135126
Does the user of this account have a mobile device with access to emails ?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 2

Expert Comment

by:sudheendra2001
ID: 34135135
remove the paasword lockout policy and check. Beacuse if you have any password lock out policy and if he saved his password in any software and changed his password then this kind of problem will come.

In my case i saved my password in one toolbar then my account was locking every often.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 34135171
You need to be looking for Netlogon errors. DNS sounds like it is causing the issue. Check the PC and make sure it is using the correct ip addresses for DNS resolution.
0
 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
ID: 34135261
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 34135630
Use the Account Lockout Status tool from microsoft to see which Server requested that the account is locked. Then check the Security log for details of that account which is being locked.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=D1A5ED1D-CD55-4829-A189-99515B0E90F7&displaylang=en
0
 

Author Comment

by:makanzore
ID: 34136511
No account have no mobile device and mailbox, it is a services account
I can't remove policy i am on production, and password didn't change and no body change it
I can't install any application on DC, so i try Account Lockout Status tool from my desktop and i have no result when i chose select target (with correct account)
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34136957
Did you use netwrix tool?
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 34137809
Want to try using the acctinfo.dll? to get more details about the account

Account Lockout and Management Tools
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

View Additional User Information in AD Users and Computers
http://www.petri.co.il/view_additional_user_information_in_aduc.htm
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34137857
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is intended as a guide to using PowerShell as a more versatile and reliable form of application detection in SCCM.
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question