?
Solved

account lockout issue

Posted on 2010-11-18
5
Medium Priority
?
414 Views
Last Modified: 2012-05-10
hi, one user is getting locked out very frequently but i not able to figure out from which workstations login attempts are happening in security logs. Is there a tool which can help me find out the source of account lockout. I hv tried Alockout tool from microsoft but i need to know the actual source of user.

I hv enabled logon audit -success and failure in AD  but someone failure logs are not getting generated.

Thanks,
Santosh
0
Comment
Question by:santoshlk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 9

Accepted Solution

by:
dj0rbit earned 375 total points
ID: 34164719
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 34164772
this should be shown on event viewer.

right click on the security tab, filter the current log a in the attached.


evnt.PNG
0
 
LVL 10

Expert Comment

by:abhijitmdp
ID: 34165882
As dj0rbit suggested you will need to download and run Account Lockout and Management Tools  tool from microsoft. this will show the exact result you are looking for.
0
 
LVL 2

Assisted Solution

by:Charlesd
Charlesd earned 375 total points
ID: 34170239
Just run the below command to enable netlogon debug logging on command prompt.

nltest /dbflag:0x2080ffff

After you restart Net Logon, Net Logon-related activity may be logged to %windir%\debug\netlogon.log

You would be able to see who is trying to access the server.

0
 

Author Closing Comment

by:santoshlk
ID: 34463255
partially solution.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Experts-Exchange users below are the steps you can follow to upgrade your Lync server to latest CU's or cumulative updates. Note: Perform it during non-production hours.   Step 1: Backup your lync and SQL server database. Follow below article: h…
The System Center Operations Manager 2012, known as SCOM, is a part of the Microsoft system center product that provides the user with infrastructure monitoring and application performance monitoring. SCOM monitors:   Windows or UNIX/LinuxNetwo…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question