Solved

Active directory account lock every time

Posted on 2010-11-15
11
831 Views
Last Modified: 2012-06-21
Hi all,

I am on a domain 2003, DC are in standard version and SP2, and i have an issue about one account. This account is lock sometimes whitout (human) logon failure. I search in security logs but nothing i don't find lock log and logon failure.

Can you help me?
0
Comment
Question by:makanzore
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 3

Expert Comment

by:ketelhuis
ID: 34135062
Did you check all DCs event logs?
0
 

Author Comment

by:makanzore
ID: 34135105
I checked all dc in site
0
 
LVL 6

Expert Comment

by:ipajones
ID: 34135126
Does the user of this account have a mobile device with access to emails ?
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 2

Expert Comment

by:sudheendra2001
ID: 34135135
remove the paasword lockout policy and check. Beacuse if you have any password lock out policy and if he saved his password in any software and changed his password then this kind of problem will come.

In my case i saved my password in one toolbar then my account was locking every often.
0
 
LVL 15

Expert Comment

by:JBond2010
ID: 34135171
You need to be looking for Netlogon errors. DNS sounds like it is causing the issue. Check the PC and make sure it is using the correct ip addresses for DNS resolution.
0
 
LVL 24

Accepted Solution

by:
Awinish earned 500 total points
ID: 34135261
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 34135630
Use the Account Lockout Status tool from microsoft to see which Server requested that the account is locked. Then check the Security log for details of that account which is being locked.

http://www.microsoft.com/downloads/en/details.aspx?FamilyID=D1A5ED1D-CD55-4829-A189-99515B0E90F7&displaylang=en
0
 

Author Comment

by:makanzore
ID: 34136511
No account have no mobile device and mailbox, it is a services account
I can't remove policy i am on production, and password didn't change and no body change it
I can't install any application on DC, so i try Account Lockout Status tool from my desktop and i have no result when i chose select target (with correct account)
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34136957
Did you use netwrix tool?
0
 
LVL 26

Expert Comment

by:e_aravind
ID: 34137809
Want to try using the acctinfo.dll? to get more details about the account

Account Lockout and Management Tools
http://www.microsoft.com/downloads/en/details.aspx?FamilyId=7AF2E69C-91F3-4E63-8629-B999ADDE0B9E&displaylang=en

View Additional User Information in AD Users and Computers
http://www.petri.co.il/view_additional_user_information_in_aduc.htm
0
 
LVL 24

Expert Comment

by:Awinish
ID: 34137857
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question